Symptom
For security reasons, set the maximum length of the headers part of HTTP requests that can be received by the HTTP Provider Service. This can prevent denial-of-service attacks by requests with huge headers.
Read more...
Environment
- SAP NetWeaver 7.0
- SAP enhancement package 1 for SAP NetWeaver 7.0
- SAP enhancement package 2 for SAP NetWeaver 7.0
Product
SAP NetWeaver 7.0 ; SAP enhancement package 1 for SAP NetWeaver 7.0 ; SAP enhancement package 2 for SAP NetWeaver 7.0
Keywords
security, vulnerability, VA, Visual Administration, http, header, length, content-length, java, J2EE, server, dispatcher, secure, MaxRequestHeadersLength , KBA , BC-JAS-WEB , Web Container, HTTP, JavaMail, Servlets , BC-JAS-SEC , Security, User Management , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.