views:

814

answers:

4

Hello,
I am designing a web application which is a tie in to my iPhone application. It sends massively large URLs to the web server (15000 about.) I was using NearlyFreeSpeech.net, but they only support URLS up to 2000 characters. I was wondering if anybody knows of web hosting that will support really large URLs? Thanks, Isaac

Edit: My program needs to open a picture in Safari. I could do this 2 ways:

  • send it base64 encoded in the URL and just echo the query parameters.
  • first POST it to the server in my application, then the server would send back a unique ID after storing the photo in a database, which I would append to a URL which I would open in Safari which retrieved the photo from the database and delete it from the database.

You see, I am lazy, and I know Mobile Safari can support URI's up to 80 000 characters, so I think this is a OK way to do it. If there is something really wrong with this, please tell me.

Edit: I ended up doing it the proper POST way. Thanks.

+2  A: 

Although it's not directly answering your question, and there is no official maximum length of a URL, browsers and servers have practical limits - see http://www.boutell.com/newfaq/misc/urllength.html for some details. In short, since IE (at least some versions in use) doesn't support URLs over 2,083 characters, it's probably wise to stay below that length.

Bobby Jack
+14  A: 
ceejayoz
The hard limit in IIS 6 is 32,767 characters.
George V. Reilly
I've hit that cap before :( Using Google's charts API
Mark
LOL. Advice: protect this post from LOL comments.
abel
+2  A: 

If you need to just open it in Safari, and the server doesn't need to be involved, why not use a data: URI?

Sending long URIs over the network is basically never the right thing to do. As you noticed, some web hosts don't support long URIs. Some proxy servers may also choke on long URLs, which means that your app might not work for users who are behind those proxies. If you ever need to port your app to a different browser, other browsers may not support URIs that long.

If you need to get data up to a server, use a POST. Yes, it's an extra round trip, but it will be much more reliable.

Also, if you are uploading data to the server using a GET request, then you are vulnerable to all kinds of cross-site request forgery attacks; basically, an attacker can trick the user into uploading, say, goatse to their account simply by getting them to click on a link (perhaps hidden by TinyURL or another URL shortening service, or just embedded as a link in a web page when they don't look closely at the URL they're clicking on).

You should never use GET for sending data to the server, beyond query parameters that don't actually change anything on the server.

Brian Campbell
Hello,That is the whole point - but there is a SUPER annoying bug in openURL: that does not let you open data: uris. So, my web site takes the Base64 encoded data and makes it into a data uri and redirects you there :(
Isaac Waller
If they don't support that, then I think you'll need to go with the POST route. Large amounts of data in a URL will just cause you all kinds of compatibility headaches, and mirroring data back from a GET request will cause all kinds of cross-site request forgery issues.
Brian Campbell
A: 

Thanks for sharing such nice information

komin
@komin use comments
abel