时间:2020-11-11 11:48:50 | 栏目:PHP代码 | 点击:次
在开发调试支付宝接口时,突然发现支付宝接口的URL很长,远远大于之前自己印象中的255个字符。赶紧搜索查证了一番,理解如下:
URL不能大于255bytes的说法确实存在,在RFC2616中提到:
Note: Servers ought to be cautious about depending on URI lengths above 255 bytes, because some older client or proxy implementations might not properly support these lengths.
从上一点也可以看出,255bytes的说法也是为了兼容性考虑。实际上现代浏览器的限制如下:
Firefox (Browser)
After 65,536 characters, the location bar no longer displays the URL in Windows Firefox 1.5.x. However, longer URLs will work. I stopped testing after 100,000 characters.
Safari (Browser)
At least 80,000 characters will work. I stopped testing after 80,000 characters.
Opera (Browser)
At least 190,000 characters will work. I stopped testing after 190,000 characters. Opera 9 for Windows continued to display a fully editable, copyable and pasteable URL in the location bar even at 190,000 characters.
Apache (Server)
My early attempts to measure the maximum URL length in web browsers bumped into a server URL length limit of approximately 4,000 characters, after which Apache produces a “413 Entity Too Large” error. I used the current up to date Apache build found in Red Hat Enterprise Linux 4. The official Apache documentation only mentions an 8,192-byte limit on an individual field in a request.
Microsoft Internet Information Server
The default limit is 16,384 characters (yes, Microsoft's web server accepts longer URLs than Microsoft's web browser). This is configurable.
Perl HTTP::Daemon (Server)
Up to 8,000 bytes will work. Those constructing web application servers with Perl's HTTP::Daemon module will encounter a 16,384 byte limit on the combined size of all HTTP request headers. This does not include POST-method form data, file uploads, etc., but it does include the URL. In practice this resulted in a 413 error when a URL was significantly longer than 8,000 characters. This limitation can be easily removed. Look for all occurrences of 16×1024 in Daemon.pm and replace them with a larger value. Of course, this does increase your exposure to denial of service attacks.
另外值得注意的是,有文章提到作为<a>的href属性时,URL不能超过1024bytes,这点没有详细查证
综上,URL还是不适合太长,不是不得已,尽量不要通过GET方式提交大量参数,可以考虑用POST方式(大约在2M左右,应该是和服务器及设定有关)。另外这么长的URL在访问和收藏(有文章提到有些浏览器在收藏超长地址时也是会出现问题)时也是相当不友好的。当然,之前数据库字段设置时还是作为255bytes处理,现在可能要考虑扩充一下了。