the new 10K limit for header string length is a bit too strict (solution for issue 424)
Issue #440
resolved
Hi!
We have existing usecases that need 13K or maybe a bit more. It really is nothing exotic, but our 3-step cert chain (x5c) is no longer working (root cert has a huge key )
Is it possible to change the value to maybe 20000, or make it configurable?
com.nimbusds.jose.Header.MAX_HEADER_STRING_LENGTH
Martin Lund
Comments (6)
-
reporter -
- changed status to open
Yeah, with longer RSA keys (is that your case?) this can come up.
I'll bump the limit to 20K. Adding a config will likely require expensive changes to the API.
-
reporter yes exactly, that is the case
Thank you very much for the quick response and solution!
-
- changed status to resolved
Limit is now 20K: c42f79c213c1fd2e68e1db7195209e92ddf92c2c
-
You’re welcome.
The change went to Maven central as v9.12.
-
reporter i am impressed to say the least! really thank you for this!
- Log in to comment
@Vladimir Dzhuvinov just thought to mention you since you worked on the fix that implemented this