Cookie length limitations in the cobalt stack

Joshua Krebs
Joshua Krebs
in TR Internal
We ran into a problem with the length of a cookie causing 400 bad request http responses in Advisor. I understand there are browser limitations on size (around 4 Kb) which we were well under. We are also under the total amount allowed for a domain as well. (20 x 4 Kb) Do we have IIS, Apache, BigIP, or any other technology set to restrict the length of cookies that can be sent in a request beyond what browsers already restrict?
Tagged:

Best Answer

  • mark.maruska
    mark.maruska
    Answer ✓
    ** Community Wiki. Please edit this answer with additional info. * __Internet Explorer__ - [Number and size limits of a cookie in Internet Explorer](
    http://support.microsoft.com/kb/306070)

    • * at least 300 cookies * at least 4096 bytes per cookie (as measured by the size of the characters that comprise the cookie non-terminal in the syntax description of the Set-Cookie header) * at least 20 cookies per unique host or domain name
    * __BIG-IP__ - Maximum Header Size: 32768 bytes. The cookies are one part of the http header. Considering that the browser seems to support 20 x 4KB = 81,920 bytes for cookies alone and BIG-IP max header is 32,768 bytes, then that may be an issue for your scenario. Maybe you can check if the total header for your request is larger than 32,768 bytes.

Categories