I have an Apache server which gets a malformed HTTP Request (cookie size is very big). The server displays the Cookie value along with Bad Request. Is there a way to handle this?
I tried ErrorDocument directive, but that is not helping in this case.
Look at this page it will explain it in detail. And it will also show you the exact same problem as you describe:
Example with explanation: http://stevesouders.com/tests/cookie-max.php
If you want to have custom error handling
ErrorDocument 400
should do the job if configured correctly in the .htaccess
file. You might also configure it directly in httpd.conf
(see.: https://serverfault.com/questions/158122/problems-redirecting-error-400-bad-request-to-custom-page).
Despite the possibility to fix this with this configuration option you should consider to do the following based on the reason why the error occured:
Fix your code
this should never happen and cookies should never exceed 4k
in totalFix nothing
. Never invest time in nice-looking-pages which will only be seen by ppl who try to exploit things somehow