Unable to add more than 64 websites in Allowed Websites section
SummaryUnable to add more than 64 websites to the application's Allowed Websites (Image Sources section).
User can add more than 64 rows (websites); however, after adding and checking in the rule, any user which points to the same application cannot access the Pega application.
Error MessagesERROR - Encountered a StateException attempting to acquire the output stream!
org.apache.coyote.http11.HeadersTooLargeException: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.SECU0009 alerts
Steps to Reproduce
- Log in to the application.
- Open the Application Definition.
- Navigate to the Integration and Security tab.
- In the Content policy, add a policy and add more than 64 entries in the Image Source.
- Save and log off the application.
- Relogin to the application.
Root CauseAn issue in the custom application code or rules.From the Tomcat documentation, the user can set the maxHTTPHeaderSize. If it is not set, then it defaults to 8 KB (maxHttpHeaderSize: The maximum size of the request and response HTTP header, is specified in bytes. If not specified, this attribute is set to 8192 (8 KB).
ResolutionPerform the following local-change:For alerts, maintain a short list and add only those URLs that are frequently used. The setting of maxHttpHeaderSize is by default 8KB.
When the maxHttpHeaderSize is increased and more URLs are added to the list, the maxHttpHeaderSize must also be increased.
It is recommended to use wild cards and to reduce the list.
Published May 13, 2019 — Updated May 22, 2019