https://bz.apache.org/bugzilla/show_bug.cgi?id=59904
--- Comment #3 from Huxing Zhang <huxing.zh...@gmail.com> --- > A maxHeaderSize of 8k has limit the number of ServerCookie object to no more > than 2k Correction: We have just observed many 4k ServerCookie object array in org.apache.tomcat.util.http.Cookies#scookies in our latest heap dump. Since spec [1] does not require cooke name and cookie value to be non-empty, given maxHeaderSize=8k, the max number of ServerCookie object in a request will be 4k, if if cookie string is '=;=;=;=;=;...'. We argue the growing strategy here that the number of ServerCookie object should have an upper limit, which is maxHeaderSize / 2. For example, if maxHeaderSize is 5k, then the number of ServerCookie object should be no more than 2.5k, hence the growing from 2k -> 4k will be unnecessary. [1] https://tools.ietf.org/html/rfc6265#section-4.2.2 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
