Remove arbitrary cap on length of outgoing headers.

The cap is too low for some uses, and it's unclear if it's worth keeping. Closes tornadoweb#1473. Closes tornadoweb#1025.
noxiouz · Jul 30, 2015 · 95c4dce · 95c4dce
1 parent 1d02ed6
commit 95c4dce
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/tornado/web.py b/tornado/web.py
@@ -362,10 +362,8 @@ def _convert_header_value(self, value):
         else:
             raise TypeError("Unsupported header value %r" % value)
         # If \n is allowed into the header, it is possible to inject
-        # additional headers or split the request. Also cap length to
-        # prevent obviously erroneous values.
-        if (len(value) > 4000 or
-                RequestHandler._INVALID_HEADER_CHAR_RE.search(value)):
+        # additional headers or split the request.
+        if RequestHandler._INVALID_HEADER_CHAR_RE.search(value):
             raise ValueError("Unsafe header value %r", value)
         return value