I looked and found the answer to some people having issue with GET request URL exceeding the maximum length in Jetty is to set the headerBufferSize in jetty.xml to be a bigger number as in this Solr troubleshooting manual and this.
However, I have a hard time to understand what the header buffer size has to do with the request URL's length? If setting headerBufferSize increase request's URL length limit, what does a value of 6 KB to headerBufferSize correspond to the maximum length of the request's URL? The reason I ask because the maximum length of URL imposed by most browsers is around 2000 characters as in What is the maximum length of a URL in different browsers? and headerBufferSize's unit is in Bytes.
In a typical POST request you will see the following ...
POST /to/my/path HTTP/1.1
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Host: https://my.machine.com
Content-Length: 10
Action=Add
Breaking this down:
- The POST through Content-Length lines are the Request Headers.
- The
POST line is known, in HTTP terminology, as the Request-Line, it contains the method (POST) + abs_path (/to/my/path) + http version (HTTP/1.1)
Content-Type - lets us know how the body content is formatted/encoded.Host - lets the server know what host was being accessed (used mainly by virtual host setups)Content-Length - lets us know that there is 10 bytes of body content
- The
Action=Add is the POST body content.
At its heart there are 2 parts of a request or response, the Headers and the Body Content.
When you set the headerBufferSize you are setting the ultimate upper limit for the header content (not body content).
There are a number of abuses / vulnerabilities present when you have unlimited header sizes, ranging from abusive memory consumption, to intentional hashmap collisions resulting in excessive CPU use. Limiting the header buffer sizes limits the scope of these kinds of issues. (these vulnerabilities are not unique to Jetty, but exist for all web servers)
If you are hitting these limits, you should consider evaluating how you are using solr (such as incorrectly using GET when you should be using POST), as increasing the headerBufferSize will also open you up to the various known web vulnerabilities.
Update: Oct 24, 2013
See other answer related to What is the maximum length of a URL
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 做个烂人 的文章《Set maximum URL length in Jetty》','https://www.manongdao.com/article-412779.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}