Request (GET) or (POST):

http://localhost:8080/images?name=iVBORw0KGgoAAAANSUhEUgAAAAUA%20AAAFC......

Response:

Status Code: 414 Request-URI Too Long Connection: close Content-Length: 0

How to increase the request size?

You have a Request URI that is over 8kb in size! Eeesh!

Request-URI limits exist because of various vulnerabilities and bugs found in browsers, proxies, and networking hardware.

While it is possible to increase the Request URI limit checks in Jetty, the values chosen for Jetty represent the current safe maximums in use by various http clients and intermediaries on the public internet.

WARNING: YOU DO NOT WANT TO DO THIS

This is inappropriate for:

• A WebServer accessible from the Internet.
• A WebServer accessed by browsers like Chrome, Firefox, Safari, MSIE, or Opera.
• A WebServer accessed by a mobile device like Android, iOS, or Microsoft mobile.
• A WebServer that has a proxy in front of it.
• A client that uses a proxy to access the WebServer.

This is only useful for transactions limited between custom HTTP clients directly talking to a Jetty server.

Instructions for Jetty 9.2.6.v20141205

If you don't have a Jetty Base ${jetty.base} directory yet, create one, and initialize it.

[user]$ mkdir mybase
[user]$ cd mybase
[mybase]$ java -jar /path/to/jetty-distribution-9.2.6.v20141205/start.jar \
            --add-to-start=http,deploy,webapp

Edit the ${jetty.base}/start.ini

And change (or add) the following property with your desired upper limit.

jetty.request.header.size=8192

And no, there is no way to disable this limit check.

For each increase you open yourself up to greater and greater issues.

Starting with some browsers (and eventually all browsers) not being send the request, let alone jetty receiving it.

Meanwhile the ability of many proxy servers to handle your request starts to fail, resulting in terminated and failed connections or requests. Sometimes even truncated requests to Jetty.

Also each increase exposes you to various vulnerabilities surrounding unchecked limits in headers, resulting in the ability of various groups in executing CPU and Memory based DOS attacks that require very little network traffic to perform.

The Correct Way to Fix This:

You really should switch to POST (or PUT) based request data, and not be sending that amount of data in the request headers of the HTTP protocol.

A possibly easier way is to set the requestHeaderSize in your yaml config file. Here is an extract from ours:

    server:
      applicationConnectors:
      - type: http
        maxRequestHeaderSize: 100KiB

Other possible settings are shown here