I have a JavaScript widget which municates with my Rails app by creating tags in the DOM. Every once in a while, I see a malformed request in my server logs, where the URL is truncated at 255 characters:

/mycontroller/1/myaction?hostname=www.mycustomer.example&request[param_a]=3&request[param_b]=1&request[param_c]=0&request[param_d]=0&request[param_e]=3&request[param_f]=1&request[param_g]=4&request[param_h]=0&request[param_i]=5&request

From Google and Stackoverflow (What is the maximum length of a URL in different browsers?), it looks like 255 characters is not a valid limit on URLs.

Here's what I know:

• This is a sporadic problem, it does not happen on ALL requests
• URL is truncated at 255 characters when this happens
• When this error happens, the user-agent is not recorded in the backtrace

Here's what I do NOT know:

• What types of browsers does this error occur on? Perhaps some mobile browser...

What's the best way to root cause this problem?

I have a JavaScript widget which municates with my Rails app by creating tags in the DOM. Every once in a while, I see a malformed request in my server logs, where the URL is truncated at 255 characters:

http://myapplication.example/mycontroller/1/myaction?hostname=www.mycustomer.example&request[param_a]=3&request[param_b]=1&request[param_c]=0&request[param_d]=0&request[param_e]=3&request[param_f]=1&request[param_g]=4&request[param_h]=0&request[param_i]=5&request

From Google and Stackoverflow (What is the maximum length of a URL in different browsers?), it looks like 255 characters is not a valid limit on URLs.

Here's what I know:

• This is a sporadic problem, it does not happen on ALL requests
• URL is truncated at 255 characters when this happens
• When this error happens, the user-agent is not recorded in the backtrace

Here's what I do NOT know:

• What types of browsers does this error occur on? Perhaps some mobile browser...

What's the best way to root cause this problem?

• javascript
• ruby-on-rails
• url
• truncate

• I have heard of this problem on some mobile browsers; I can't find a list of confirmed browsers that have a 255-char limit, though. Can you filter your accesslogs for when it occurs and note the browsers? – Brock Batsell Commented Mar 4, 2010 at 18:42
• since you are not seeing a user agent, you may be seeing spiders or webbots, which often have a limit on the length of url they can handle – kennebec Commented Mar 4, 2010 at 19:04

3 Answers 3

The best way to solve the Root Cause is to not make it a GET but a POST Request.

There is AFAIK no set limits on the length of a QueryString, so the real limit is all over the place. I know that 4000 is a limit on some web servers (can't remember if it was IIS or Apache and if it could be changed), but it is very possible that some browsers have much smaller limits. The fact that you don't get a user-agent could emphasize that it's a mobile browser, crawler or other application rather than a real browser.

POST requests are a bit more plex to do, but they can carry much bigger "payloads" and can be configured on the server side.

I'm not sure why it might be happening, RFC 2068 states:

Servers should be cautious about depending on URI lengths above 255 bytes, because some older client or proxy implementations may not properly support these lengths.

It could be the server mishandling the long GET params, or it could be that older browsers (possibly IE6), are truncating the params before sending them in the hopes that it might avoid failed requests by the server.

However, there is no limits on POST request lengths in any browser or server (that I am aware of), so this is likely a guaranteed working solution.

Edit: This link states that certain browsers do impose limits on query string lengths, however they all seem to be fairly long. Perhaps mobile browsers limit the length to ~255 to conserve memory, as it's in a more limited quantity.

I've seen this happen in my access logs. There are a few very specific IPs that generate truncated requests. Looking at all traffic from these IPs shows that there are also non-truncated requests, which have user agent strings. Some of them have multiple user agent strings (though I haven't seen more than 2 uniques -- Safari 5.0.5/Mac 10.6.8 and IE 9.0/NT 6.1) show up within minutes of each other. Also, in all but 2 cases, I see a good request followed by a bad request approximately 50ms later, where the bad request is identical to the good request, but truncated at 255 bytes. The remaining 2 cases have the bad request before the good request. One of the IPs is from AT&T Worldnet suggesting that it could be a mobile gateway, but the others just appeared to be ISPs, universities or corporations.

I don't know what I can tell from this yet. It's highly unlikely to see Safari 5 and IE 9 show up from the same IP. The three possibilities are a Windows VM on Mac OSX, the IP is a gateway and that two different users made requests through it or that someone's messing with me. It seems kinda weird though that you'd get only two users ing through a gateway, and the visitor demographic for this particular site is unlikely to be running VMs (though it's not impossible), at least not for this particular task.

The fact that the truncated requests immediately follow the non-truncated request probably suggests something, but I don't know what that is. Could it be a plugin replaying the request or the NAT replaying the request? A transparent proxy?