Support Article

Unable to add more than 64 websites in Allowed Websites section



Unable to add more than 64 websites to the application's Allowed Websites (Image Sources section).
User can add more than 64 rows (websites); however, after adding and checking in the rule, any user which points to the same application cannot access the Pega application.

Error Messages

ERROR - Encountered a StateException attempting to acquire the output stream! 
org.apache.coyote.http11.HeadersTooLargeException: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.

SECU0009 alerts

Steps to Reproduce

  1. Log in to the application.
  2. Open the Application Definition.
  3. Navigate to the Integration and Security tab.
  4. In the Content policy, add a policy and add more than 64 entries in the Image Source.
  5. Save and log off the application.
  6. Relogin to the application.

Root Cause

An issue in the custom application code or rules.

From the Tomcat documentation, the user can set the maxHTTPHeaderSize. If it is not set, then it defaults to 8 KB (maxHttpHeaderSize: The maximum size of the request and response HTTP header, is specified in bytes. If not specified, this attribute is set to 8192 (8 KB).


Perform the following local-change:

For alerts, maintain a short list and add only those URLs that are frequently used. The setting of maxHttpHeaderSize is by default 8KB.

When the maxHttpHeaderSize is increased and more URLs are added to the list, the maxHttpHeaderSize must also be increased.

It is recommended to use wild cards and to reduce the list.

Published May 13, 2019 - Updated May 21, 2019

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.