0

I have written some code in node.js that is expecting a whole slew of unique id's in the route.

it looks something like this

api/389+138+638+659+665+814+148+713+730+834+241+77+682+802+173+661+695+192+809+733+644+272+675+735+76+656+660+757+144+745+628+593+624+787+788+789+129+668+810+630+474+673+716+36+837+771+203+725+169+133+655+103+636+731+11+300+813+417+742+799+803+794+755+812+429+387+75+831+830+451+163+835+642+734+817+844+696+187+286+363+613+750+822+807+292+38+671+710+793+437+683+676+649+648+392+712+711+702+801+653+754+806+597+843+140+643+740+773+394+223+294+48+239+792+827+824+826+815+828+825+795+309+805+838+335+722+412+749+763+301+634+820+821+819+818+833+785+720+718+719+744+743+631+782+753+796+847+832+736+645+641+196+848+27+421+748+737+777+778+172+457+625+780+845+666+433+574+577+368+63+846+633+623+411+249+640+762+791+410+770+797+727+377+449+839+840+237+709+751+829+694+219+229+841+800+647+81+674+376+114+444+685+407+432+431+403+760+678+579+836+752+408+586

I get a 400 -- bad request back every time.

But, if I shorten the list significantly like this it hits the API with no problems.

api/429+387+75+831+830+451+163+835+642+734+817+844+696+187+286+363+613+750+822+807+292+38+671+710+793+437+683+676+649+648+392+712+716

Is it possible for a request to be too long? It may also be worth noting that this is not an issue at all when I'm developing locally. It only throws it back at me when I'm in one of our deployed environments.

Is there a better way to make this request or is there some kind of node, server, or application setting that can be adjusted?

Christopher Mellor
  • 470
  • 2
  • 9
  • 23
  • A `408` status code is used for a server side request timeout: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes so I don't suspect that it is a timeout – hmiedema9 Mar 20 '19 at 17:10
  • Thanks for the reply -- it is definitely not a timeout. The response is almost instantaneous. – Christopher Mellor Mar 20 '19 at 17:11
  • Are all of your ID's supposed to be 3 digits? – hmiedema9 Mar 20 '19 at 17:11
  • @hmiedema9 no, they can be 2 or 3 digits – Christopher Mellor Mar 20 '19 at 17:12
  • Hmm, okay. This is interesting. A 400 is due to malformed input data, i.e. syntax of your request JSON: https://stackoverflow.com/questions/19671317/400-bad-request-http-error-code-meaning is there any way you can debug the request server side and see what is actually being sent? And compare it to what's sent when you run it locally – hmiedema9 Mar 20 '19 at 17:14
  • Ah, sorry, a 400 is also used for `Request too large`. That must be what's happening. See this answer: https://stackoverflow.com/questions/48035022/nodejs-express-request-entity-too-large – hmiedema9 Mar 20 '19 at 17:15
  • Possible duplicate of [What is the maximum length of a URL in different browsers?](https://stackoverflow.com/questions/417142/what-is-the-maximum-length-of-a-url-in-different-browsers) – Nino Filiu Mar 20 '19 at 17:49

2 Answers2

0

Yes, it is possible. You need to increase the size in your web server (ex: nginx, apache)

Add this to your server block for nginx

client_max_body_size 2M;
MCSH
  • 405
  • 4
  • 16
  • This sounds right!! We are using IIS -- do you know how to do this? – Christopher Mellor Mar 20 '19 at 17:44
  • @ChristopherMellor it says in the tags that you're using NodeJS, not IIS, what is happening? :) – Nino Filiu Mar 20 '19 at 17:50
  • @NinoFiliu it is a node app running on a windows server – Christopher Mellor Mar 20 '19 at 17:51
  • Note that there are two separate pieces: body_size and URL length (see https://stackoverflow.com/questions/1289585/what-is-apaches-maximum-url-length). If you do a GET (which is what that looks like), the latter is going to be the limit. If you can change to use a POST with a body, then @MCSH's answer is likely to be more helpful – Foon Mar 20 '19 at 18:30
  • @ChristopherMellor For IIS, Try changing `maxQueryString` and `maxUrl` parameters. – MCSH Mar 20 '19 at 20:54
-2

For anyone else who stumbles across this, it seemed like the only way to change this was to get into the IIS register. I didn't want to do that because this for a number of reasons. So instead, I changed my code to have to route be a POST instead of a GET and sent all of the info in the header. This may not fix the issue 10 times out of 10, but it took me like 20 minutes to reconfigure everything on the front and back end and it works fine.

Christopher Mellor
  • 470
  • 2
  • 9
  • 23