Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Unable to Check in the CSP rule after adding configuration



Unable to Check in the Content Security Policy (CSP) rule after adding configuration.

Error Messages

500 Error

[egaRULES-MasterAgent] [STANDARD] [ ] [ ] (internal.async.Agent) INFO    - System date: Total memory: 8,589,934,592 Free memory: 3,245,725,248 Requestor Count: 68 Shared Pages memory usage: 0% Current number of threads: 314 

[ttp-nio-8443-exec-60] [ ] [ ] [ ] (web.impl.WebStandardImpl) ERROR   - Encountered a StateException attempting to acquire the output stream! 

org.apache.coyote.http11.HeadersTooLargeException: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.

Steps to Reproduce

  1. Log in to the Developer portal from Pega Designer Studio.
  2. Switch to the Developer application.

  3. Open the User's Secure rule from the Checked out rules.

  4. Click Check in.

Root Cause

The issue occurred because '[[' (double bracket) is present in the URL mapping when the LDAP2 (access group is changed) is used. Pega does not work when '[[' is used and Tomcat does not accept the '[[' that is generated in the access group hash.


Apply the following hotfixes:
  1. HFix-46773
  2. HFix-47420

Published October 18, 2019 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us