Support Article
Unable to add more than 64 websites in Allowed Websites section
SA-79658
Summary
Unable to add more than 64 websites to the application's Allowed Websites (Image Sources section).
User can add more than 64 rows (websites); however, after adding and checking in the rule, any user which points to the same application cannot access the Pega application.
Error Messages
ERROR - Encountered a StateException attempting to acquire the output stream!
org.apache.coyote.http11.HeadersTooLargeException: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.
SECU0009 alerts
Steps to Reproduce
- Log in to the application.
- Open the Application Definition.
- Navigate to the Integration and Security tab.
- In the Content policy, add a policy and add more than 64 entries in the Image Source.
- Save and log off the application.
- Relogin to the application.
Root Cause
An issue in the custom application code or rules.
From the Tomcat documentation, the user can set the maxHTTPHeaderSize. If it is not set, then it defaults to 8 KB (maxHttpHeaderSize: The maximum size of the request and response HTTP header, is specified in bytes. If not specified, this attribute is set to 8192 (8 KB).
Resolution
Perform the following local-change:
For alerts, maintain a short list and add only those URLs that are frequently used. The setting of maxHttpHeaderSize is by default 8KB.
When the maxHttpHeaderSize is increased and more URLs are added to the list, the maxHttpHeaderSize must also be increased.
It is recommended to use wild cards and to reduce the list.
Published May 22, 2019 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.