HTTP message header buffer error

Unable to access some pages in Adobe Experience Manager

You can't access some pages and the following error appears in the logs:

servletengine Bad request. request line exceeds 8192 bytes


If the message header of HTTP messages to an AEM server is routinely too large, there are a couple of things that can be done to solve the problem.

You can increase the size of the header buffer in AEM/CQ.

To increase the size of the header buffer within CQ 5.5, get feature pack NPR-2324 from Adobe. This feature pack adds a header buffer size field to the Day CQSE HTTP Service OSGi configuration. The field to change is Buffer Request Size (org.apache.felix.http.cqse.requestBufferSize).

In AEM 5.6, the feature pack is not necessary. The same configuration that the feature pack for CQ 5.5 adds is already available.

The server has been changed for AEM 6+. The configuration to change is within the Apache Felix Jetty Based Http Service configuration. The fields to change are Request Buffer Size and Response Buffer Size (org.apache.felix.http.jetty.requestBufferSize and org.apache.felix.http.jetty.responseBufferSize).

If the AEM instance is running within a JEE application server it doesn't use the built-in Web server. Change the buffer header size within the application server configurations.

While the HTTP specification does not put a maximum limit on message headers, if more than 24k is needed for HTTP header buffer size, another solution is needed. The larger the size of the header buffer is, the more memory each open HTTP socket will take. This includes sockets that are waiting for a connection. Each socket requires that the memory for both request message headers and response messages headers be allocated to it all time. Increasing the message header size drastically will have a direct effect on the amount of minimum heap memory AEM must have to run.

If the URL for requests is too large because of the size of the URL arguments, change the requests to use the POST method instead of GET. The parameters for GET requests add to the size of the message header. The parameters for POST requests, however, are added to the message content.

If the size of cookies is causing the message header to be too large, consider eliminating information stored in the cookies or store the data in another way. Browser Web storage objects do not cause message headers to grow. The Client Context within AEM can, over time, require a large amount of data saved. By default, later versions of AEM use Web storage objects for Client Context data. Older versions commit Client Context data using cookies. See Client Context in Detail for information on how to change the way data is stored.

Additional information

AEM/CQ has a buffer for the content of the HTTP request header. The content of the HTTP request and response headers must fit within the buffer. Within CQ 5.5 and AEM 5.6, the default size of this buffer is 8k. The default size of the header buffer is larger in AEM 6.

All HTTP messages have two parts, the message header and the message body.

The message body contains all of the information we think of as the content of the message. Examples of message body would be the HTML text of a webpage or the binary of an image. For HTTP messages that use POST requests, the message body can contain the parameters of the post request.

The header contains information about the request or response. This includes the HTTP method used and the URL requested. For HTTP response messages, the HTTP status for the response is included as well. Other information about the HTTP message can be included in the form of key/value pairs that are called header fields. Browser cookies are sent and received as key/value pairs within message headers as well.

A message header is meant to be evaluated on receipt and is processed as a whole before the server or the browser acts on the message content. AEM reads the HTTP message header into a buffer that must be large enough to contain the whole header. If the content of the header of an HTTP message is too large to fit in the buffer, the message fails.

There are a few conditions that can cause the HTTP message header to be too large to fit in the server's buffer. Any one of these conditions can by itself, or with other conditions, cause the HTTP to be too large.

The URL in a request can be too long for the buffer. This can happen, for example, when a request has hundreds of URL arguments. Or it can happen when individual URL arguments are huge.

The information saved to cookies can grow to the point where it causes the header to no longer fit in the server's header buffer. This issue can be caused by many, smaller, cookies, or fewer, extremely large, cookies.

It is possible for developers to create custom header fields. Often single sign-on implementations use custom header fields. Because the size of the values in header fields is not limited in the HTTP specification, developers can create header fields with a great deal of content.

See also

HTTP Message specification 
HTTP Web storage specification