tech:http_-_gros_cookies
Http - Gros cookies
Limites :
- Apache - 8K
- Nginx - 4K-8K
- IIS - 8K-16K
- Tomcat - 8K – 48K
- Node (<13) - 8K; (>13) - 16K
Messages d'erreurs :
- 400 Bad Request
- 413 Payload Too Large
- 413 Request Entity Too Large.
Conf Apache
LimitRequestFieldSize 16384 LimitRequestLine 16384
Conf Nginx
large_client_header_buffers 4 16k
Varnish
DAEMON_OPTS=" ... -p http_req_hdr_len=16k \ -p http_resp_hdr_len=16k" \ ...
pfs-sorry-test-gros-cookie.sh
#!/bin/bash set -o errexit set -o pipefail set -o nounset if [ "${#@}" -eq 2 ] then CookieLen=$1 TgtUrl=$2 #Cookie=$( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-"${MaxCookieLen}"} | head -n 1 ) Cookie=$(eval $(echo printf '0%.0s' {1..${CookieLen}})) #wget -4 --no-check-certificate -I -qO- --header "Cookie:${Cookie}" "${TgtUrl}" curl -v -k -H "Cookie:${Cookie}" "${TgtUrl}" else echo "Missing parameters. Usage $0 Cookie-Size Url" exit 1 fi
tech/http_-_gros_cookies.txt · Dernière modification : de Jean-Baptiste