1

I have one application sending request to a microservice. In the header there is JWT token which got larger and I get this error

Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request header is too large</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Request header is too large

I found out that you can increase the max allowed size of the header in the yml config file 

server:
  max-http-header-size: 5MB

But I still get the same result. I am using Spring 2.2.6

Georgi Michev
  • 764
  • 5
  • 18
  • 37

2 Answers2

2

try changing

server: max-http-header-size: 5MB

to:

server: max-servlet-header-size: 5MB

"http" is used for spring boot 1.4.x and 1.5.x while 2.x uses the "servlet" keyword

i had the same problem with : spring.servlet.multipart.max-file-size=512KB had to change to spring.http.multipart.max-file-size=512KB but my application is using spring.boot.1.5.4

and for yml format look at this post https://stackoverflow.com/a/54302823/10315229

Slobodan Margetić
  • 148
  • 1
  • 11
1

https://docs.spring.io/spring-boot/docs/2.0.4.RELEASE/reference/html/common-application-properties.html:

Maximum size, in bytes, of the HTTP message header

In code (https://github.com/spring-projects/spring-boot/pull/5641/files):

@ConfigurationProperties(prefix = "server", ignoreUnknownFields = true)
public class ServerProperties
...
    /**
     * Maximum size in bytes of the HTTP message header.
     */
    private int maxHttpHeaderSize = 0; // bytes

So, the value 5M most likely will be converted in 5, not in 5242880 bytes (5 megabytes).

Dmitry Ionash
  • 763
  • 5
  • 11