IBM Support

PI78975: INCREASE THE CONFIGURABLE LIMIT OF THE MAXIMUM HEADER FIELD SIZE

Fixes are available

8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
9.0.0.5: WebSphere Application Server traditional V9.0 Fix Pack 5
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
9.0.0.6: WebSphere Application Server traditional V9.0 Fix Pack 6
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
9.0.0.7: WebSphere Application Server traditional V9.0 Fix Pack 7
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
9.0.0.8: WebSphere Application Server traditional V9.0 Fix Pack 8
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
9.0.0.9: WebSphere Application Server traditional V9.0 Fix Pack 9
9.0.0.10: WebSphere Application Server traditional V9.0 Fix Pack 10
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
9.0.0.11: WebSphere Application Server traditional V9.0 Fix Pack 11
9.0.5.0: WebSphere Application Server traditional Version 9.0.5 Refresh Pack
9.0.5.1: WebSphere Application Server traditional Version 9.0.5 Fix Pack 1
9.0.5.2: WebSphere Application Server traditional Version 9.0.5 Fix Pack 2
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
9.0.5.3: WebSphere Application Server traditional Version 9.0.5 Fix Pack 3
9.0.5.4: WebSphere Application Server traditional Version 9.0.5 Fix Pack 4
9.0.5.5: WebSphere Application Server traditional Version 9.0.5 Fix Pack 5
9.0.5.6: WebSphere Application Server traditional Version 9.0.5 Fix Pack 6

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Previously, the maximum value that can be configured for the
    "maximum header field size" from the following panel is 32768:
    
    Servers > WebSphere application servers > [server_name] > Ports
    > [port_name], view associated transports >
    HttpQueueInboundDefault/WCInboundDefault > HTTP inbound channel
    (HTTP 2)
    
    This APAR is to request the limitation on the configured
    "maximum header field size" to be increased to 65536.
    

Local fix

  • Use an http/https header that is 32768 bytes or smaller in size.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server            *
    *                  Traditional Version 7.0, 8.0, 8.5.5, 9.0    *
    *                  users of HTTP Channel administration        *
    *                  console configuration                       *
    ****************************************************************
    * PROBLEM DESCRIPTION: A configuration panel                   *
    *                      for the HTTP Channel                    *
    *                      prevents the user from setting a        *
    *                      value for the maximum headers greater   *
    *                      than 32768                              *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    When attempting to configure the maximum size of the header
    field via the administration console, the input field would
    not accept a number greater than 32768
    

Problem conclusion

  • The HTTP Channel and associated administration console panel
    were modified to accept a value up to 2147483647 with the
    default of the field being 32768
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 7.0.0.45, 8.0.0.14, 8.5.5.12, 9.0.0.5.  Please refer
    to
    the
    Recommended
    Updates
    page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI78975

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-03-28

  • Closed date

    2017-06-14

  • Last modified date

    2018-03-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R700 PSY

       UP

  • R800 PSY

       UP

  • R850 PSY

       UP

  • R900 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
18 October 2021