March 05, 2019

414 URI Too Long

The URI or path of a HTTP request doesn’t have any hard limits in terms of how long it’s allowed to be.

However, Browsers and search engines have limits, and on the server side it’s a good idea to limit the length of the URI to combat certain denial-of-service attacks or bugs.

Based on limits of browsers, it’s a good idea to try and not exceed 2000 bytes for the uri.

When a client does exceed it, the appropriate status code to return is 414 URI Too Long.

Example

HTTP/1.1 414 URI Too Long
Content-Type: text/html

<p>Insufficient level of conciseness in request</p>

References

RFC7231, Section 6.5.12 - 414 URI Too Long

HTTP series

This article is part of a series about the HTTP protocol. Read them all here:

Series of posts on HTTP status codes (2018-06-27)

Informational 1xx

100 Continue (2018-06-27)
101 Switching Protocols (2018-06-28)
102 Processing (2018-06-29)
103 Early Hints (2018-06-30)

Successful 2xx

200 OK (2018-07-03)
201 Created (2018-07-10)
202 Accepted (2018-07-17)
203 Non-Authoritative Information (2018-07-24)
204 No Content (2018-07-31)
205 Reset Content (2018-08-07)
206 Partial Content (2018-08-14)
207 Multi-Status (2018-08-21)
208 Already Reported (2018-08-28)
226 IM Used (2018-09-04)

Redirection 3xx

300 Multiple Choices (2018-09-11)
301 Moved Permanently (2018-09-18)
302 Found (2018-09-25)
303 See Other (2018-10-02)
304 Not Modified (2018-10-09)
305 Use Proxy (2018-10-16)
306 Switch Proxy (2018-10-23)
307 Temporary Redirect (2018-10-30)
308 Permanent Redirect (2018-11-06)
Which redirect do I choose? (2018-11-07)

Client Error 4xx

400 Bad Request (2018-11-13)
401 Unauthorized (2018-11-20)
402 Payment Required (2018-11-27)
403 Forbidden (2018-12-04)
404 Not Found (2018-12-11)
405 Method Not Allowed (2018-12-18)
406 Not Acceptable (2019-01-08)
407 Proxy Authentication Required (2019-01-15)
408 Request Timeout (2019-01-22)
409 Conflict (2019-01-29)
410 Gone (2019-02-05)
411 Length Required (2019-02-12)
412 Precondition Failed (2019-02-19)
413 Payload Too Large (2019-02-26)
414 URI Too Long (2019-03-05)
415 Unsupported Media Type (2019-03-12)
416 Range Not Satisfiable (2019-03-19)
417 Expectation Failed (2019-03-26)
418 I'm a teapot (2019-04-02)
420 Enhance your calm (2019-04-09)
421 Misdirected Request (2019-04-16)
422 Unprocessable Entity (2019-04-23)
423 Locked (2019-04-30)
424 Failed Dependency (2019-05-07)
425 Too Early (2019-05-14)
426 Upgrade Required (2019-05-21)
428 Precondition Required (2019-05-28)
429 Too Many Requests (2019-06-04)
430 Would Block (2019-06-11)
431 Request Header Fields Too Large (2019-06-18)
451 Unavailable For Legal Reasons (2019-06-25)

Server Error 5xx

500 Internal Server Error (2019-07-02)
501 Not Implemented (2019-07-09)
502 Bad Gateway (2019-07-16)
503 Service Unavailable (2019-07-23)
504 Gateway Timeout (2019-07-30)
505 HTTP Version Not Supported (2019-08-06)
506 Variant Also Negotiates (2019-08-13)
507 Insufficient Storage (2019-08-20)
508 Loop Detected (2019-08-30)
510 Not Extended (2019-09-05)
511 Network Authentication Required (2019-09-10)
The end of the HTTP series (2019-09-18)

Web mentions