Technical Tip: WAD increase client requested length

When using the FortiGate as an explicit proxy, some users may encounter websites on which they are unable to use an HTTP POST request, like a file/comment on Facebook for example.

Problems may be seen if the HTTP request size is larger than the limit configured for the proxy. By default, the FortiGate proxy max-request-length is 4 kilobytes. Starting from FortiOS 5.6.11, the default value has been increased to 8 kilobytes.

To increase the maximum request length inside the web proxy, configure the following CLI settings:

config web-proxy global

    set max-request-length <Integer>

end

The value can be configured between 2 kilobytes and 64 kilobytes.

config web-proxy global

    set max-request-length <Integer>

    max-request-length Enter an integer value from <2> to <64> (default = <8>).

As per RFC 2616, 'Hypertext Transfer Protocol -- HTTP/1.1', there is no limitation defined for the size of an HTTP request. However, client and server implementations may have their own limitations.

An HTTP request from a browser that allows large HTTP requests may be rejected by the FortiGate proxy if it exceeds the configured limit.

Related documents:

• Troubleshooting Tip: Troubleshoot the explicit proxy in the FortiGate
• Technical Tip: Initial steps to troubleshoot Explicit proxy on FortiProxy
• Explicit web proxy | Fortinet Document Library