HTTP GET request with many items in query string

Question

We make an HTTP GET request with a lot of data in the query string, representing all of the ids of a collection to retrieve.

Regarding the limit on the length of the query string in the url, a quick google search says:

RFC 3986 also states there is no limit, but indicates the hostname is limited to 255 characters because of DNS limitations (section 2.3.3). Microsoft states that the maximum length of a URL in Internet Explorer is 2,083 characters, with no more than 2,048 characters in the path portion of the URL.May 1, 2009

If we don't use IE, should I be concerned about potentially exceeding the limit on the query string length? I am certain I have seen the limit exceeded on my Node.js Express server, specifically when I included a base64 string representing an image in the query string of a GET request.

What's a good way to get around this problem? Should we just use an HTTP POST request instead? Certainly we do not want to break apart 1 GET request into 1000's just to avoid this problem.

Answer 1

If you intend to keep your API clean and RESTful, you could split your request into two parts. The first one will send your configuration to the server for calculations (POST); the second one will collect the results (GET).

This approach has multiple advantages besides overcoming the limit of HTTP GET on browser, firewall, routers, etc. For example, you can later introduce partial result polling or a possibility to cancel a long running calculation. Furthermore, you keep the URL short and user-readable.

The implementation details were already described here.

Answer 2

In a RESTful web service, GET retrieves data. POST requests create data on the server and do not have size limits, but servers often have a default limit that can be changed.

If maintaining a RESTful application does not apply to your situation, then you can use POST.

It is important to note that GET requests can be cached but POST requests cannot, so if you are getting a lot of (the same) data in return, you should use GET.

Answer 3

I would say that if you have GET request with a length over 2000 than it smells like something is wrong in the design (I can't find a good reason to pass an image via GET in base64 instead of POST as you mentioned). I would rather go with POSTs in that scenarios; also searching around about the 2048 characters limit seems it does not really apply, see firefox and Chrome and i won't rely on this dated info about microsoft ie, here a more detailed analysis.

You can also consider to implement a string shortener for your parameters names and values but in my opinion readability is more important. Have a look at this question on how to shorten parameter in javascript.

Answer 4

The limit from IE applies to both GET and POST requests, so first things first, a POST request won't totally solve your problem here.

For browsers, there's no universal limit, each browser implements different limits with different consequences.

In addition, apart from limits placed by the web browsers, servers could also have their own limits, either default or set (e.g. Apache's LimitRequestLine Directive).

Also, memory problems could be an obstacle when processing data (PHP for example can set memory limits for each script), and PHP on Apache also has a configurable post_max_size directive.

Generally, consensus on this subject lays around limiting your GET request length to a maximum of 2000 characters, or to use POST requests (albeit with limits as well).

My suggestion: Truncating your request and sending several requests which get stored by the server and processed when a request comes with a final flag might be a possible solution. Also, string compression libraries exist to help you compress and decompress large data, see LZW compression for example which works with several dozen programming languages.