Stefano Pacifico 🧬 🇺🇦
daniel:// stenberg://Limit the (#curl) URL size more?
EricJ
Elias MÃ¥rtenson@bagder does memory and cpu usage grow faster than O(n) with respect to the length of the URL? If so, it should be made smaller, I think. Otherwise perhaps not?
@loke the report claims it does, but I cannot reproduce that so I think no. Still, if we don't need this large URLs we could also just cut down to decrease the risk of another future issue in the similar spirit.
Stefan Eissing@bagder many servers will reject by default urls above 8k. But there are probably special setups out there.
Other things start to break when urls go beyond 64k. h2 may have a problem with its header handling (although headers are outside the stream's window size).
h3 will have problems with initial congestion windows where headers count for the window.
I think 64k would therefore be a limit that should not by itself pose problems.
Valentin Gosu@bagder since I assume curl doesn't need to deal with hash manipulation in JS and data URLs, a limit of Kb might be OK.
In Firefox we got bugs when we tried to limit it, because the hash would contain encoded data, or data URLs would encode images or video.
In Firefox we got bugs when we tried to limit it, because the hash would contain encoded data, or data URLs would encode images or video.
@valenting we instead have users sending huge pieces of data in the URL to servers they configure to allow multiple megabytes in the path...
Basti
Brar Piening@bagder you probably mean *default* URL size and make it configurable (e.g. via a command line argument), no?
To me curl is the tool that works where others fail. The tool, I use to push boundaries and to debug problems like server limits that I might have to increase. If I could configure a server to higher limits than I can make curl support this would be gone.
To me curl is the tool that works where others fail. The tool, I use to push boundaries and to debug problems like server limits that I might have to increase. If I could configure a server to higher limits than I can make curl support this would be gone.