browsers
URL

What is the maximum length of a URL in different browsers?

Master System Design with Codemia

Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.

Introduction

There is no official maximum URL length in the HTTP specification (RFC 2616 says servers "SHOULD" handle URIs of any length), but browsers and servers impose practical limits. The safe maximum for cross-browser, cross-server compatibility is 2,048 characters. Below that threshold, every modern browser, server, and CDN will handle your URL without issues.

Browser URL Length Limits

BrowserMaximum URL LengthNotes
Google Chrome2,097,152 characters (2 MB)Increased from 32,767 in Chrome 118+ (2023). Practical limit is still lower due to server constraints.
Mozilla Firefox65,536 characters (64 KB)Longer URLs load but may be truncated in the address bar display.
Safari80,000 characters (approx.)Apple does not publish an official limit. Tested values vary by version.
Microsoft EdgeSame as Chrome (Chromium-based)Edge switched to Chromium in 2020. Shares Chrome's URL handling.
Internet Explorer 112,083 charactersThe most restrictive browser. Path portion limited to 2,048 characters. IE is end-of-life but some enterprise apps still target it.
OperaSame as Chrome (Chromium-based)Shares Chrome's engine and limits.

Important Caveat

Browser limits are rarely the binding constraint. Server limits, CDN limits, and proxy limits are almost always lower. A URL that Chrome can render may still be rejected by the server.

Server and Infrastructure Limits

Server / ServiceDefault URL Length LimitConfiguration
Apache (httpd)8,190 charactersLimitRequestLine directive in httpd.conf
Nginx4,096 characters (header buffer)large_client_header_buffers directive
IIS16,384 charactersmaxUrl in requestLimits (web.config)
Node.js (http module)16,384 characters--max-http-header-size flag
AWS ALB / CloudFront8,192 charactersNot configurable
Cloudflare16,384 charactersNot configurable
Google Cloud Load Balancer8,192 charactersNot configurable

How to Increase Limits

Apache:

apache
# httpd.conf or .htaccess
LimitRequestLine 16384

Nginx:

nginx
# nginx.conf
large_client_header_buffers 4 16k;

IIS:

xml
1<!-- web.config -->
2<system.webServer>
3    <security>
4        <requestFiltering>
5            <requestLimits maxUrl="16384" maxQueryString="8192" />
6        </requestFiltering>
7    </security>
8</system.webServer>

Node.js:

bash
node --max-http-header-size=32768 app.js

What the Standards Say

RFC 2616 / RFC 7230

The HTTP specification does not define a maximum URL length. Section 3.1.1 of RFC 7230 states:

HTTP does not place a predefined limit on the length of a request-target. A server that receives a request-target longer than any URI it wishes to parse MUST respond with a 414 (URI Too Long) status code.

In practice, servers return 414 Request-URI Too Long when the URL exceeds their configured limit.

RFC 3986 (URI Syntax)

The URI specification also does not set a maximum length. It only defines the syntax (scheme, authority, path, query, fragment).

When URL Length Becomes a Problem

Query Strings with Complex Filters

 
https://api.example.com/search?category=electronics&brand=Samsung&brand=Apple
&brand=Sony&price_min=100&price_max=5000&color=black&color=white&color=silver
&sort=price_asc&page=1&fields=id,name,price,rating,reviews&include=variants

This is only around 250 characters, but real-world filter UIs can generate URLs with dozens of facets, each with multiple values. These can easily exceed 2,000 characters.

Solution: Switch to POST requests for complex search queries, or use URL shortening/compression:

javascript
1// Compress filter state into a short hash
2const filters = { brands: ['Samsung', 'Apple'], priceRange: [100, 5000] };
3const encoded = btoa(JSON.stringify(filters));
4// URL: /search?q=eyJicmFuZHMiOlsiU2Ftc3VuZyIsIkFwcGxlIl0sInByaWNlUmFuZ2UiOlsxMDAsNTAwMF19

Tracking Parameters

Marketing URLs with UTM parameters, affiliate IDs, and session tokens can grow substantially:

 
https://example.com/product/widget?utm_source=newsletter&utm_medium=email
&utm_campaign=spring_sale_2026&utm_content=hero_banner&utm_term=widgets
&ref=aff_12345&session=a1b2c3d4e5f6&fbclid=...&gclid=...

Solution: Move tracking data to cookies or request headers instead of URL parameters.

Data URIs in URLs

Embedding base64-encoded images or data in URLs can produce extremely long strings. Use proper file uploads or API endpoints instead.

SEO Implications

Search engines can handle long URLs, but there are practical impacts:

  • Google displays approximately 50-60 characters of a URL in search results. Longer URLs are truncated with an ellipsis.
  • Crawl efficiency is reduced with excessively long URLs. Googlebot's John Mueller has said to keep URLs "reasonably short" for best crawl coverage.
  • Click-through rate decreases when users see long, complex URLs in search results. A clean, descriptive URL like /shoes/running/nike-air-max outperforms /product?id=12345&cat=4&subcat=7&variant=9.
  • Social sharing is affected because platforms like Twitter/X count URL characters toward the post limit (even with link shortening, the display is affected).

Testing URL Length

Browser Console

javascript
1// Generate a URL of specific length and test it
2const baseUrl = 'https://example.com/test?data=';
3const padding = 'x'.repeat(2048 - baseUrl.length);
4const testUrl = baseUrl + padding;
5console.log('URL length:', testUrl.length);
6window.location.href = testUrl;

curl

bash
1# Test a long URL against your server
2long_param=$(python3 -c "print('x' * 8000)")
3curl -v "https://your-server.com/test?data=${long_param}" 2>&1 | grep "< HTTP"
4# Look for 414 if the URL is too long

Common Pitfalls

  • Designing APIs that only use GET with query parameters. For complex queries, use POST with a JSON body. GET with query parameters should be reserved for simple, bookmarkable requests.
  • Assuming all proxies and CDNs support the same limits as your server. A reverse proxy, load balancer, or CDN between the client and your server may have a lower limit than your application server. Test the full request path.
  • URL-encoding pushing URLs over the limit. Characters like spaces, brackets, and Unicode are percent-encoded (e.g., a space becomes %20), which triples the character count. A 1,500-character URL with many special characters can expand to 4,500+ characters after encoding.
  • Relying on browser limits instead of server limits. The server (or the load balancer in front of it) is almost always the bottleneck, not the browser.
  • Storing application state in the URL. Some SPAs serialize entire state objects into the URL hash or query string. This works until the state grows large enough to hit server or proxy limits. Use sessionStorage, localStorage, or a server-side session instead.

Summary

  • The safe cross-browser maximum is 2,048 characters. This covers IE 11 and all server defaults.
  • Modern browsers (Chrome, Firefox, Safari, Edge) support 32,000-2,000,000+ character URLs, but servers rarely accept more than 8,000-16,000.
  • Server limits are configurable in Apache (LimitRequestLine), Nginx (large_client_header_buffers), and IIS (maxUrl).
  • CDNs and load balancers (AWS ALB, Cloudflare) often have non-configurable limits around 8,000-16,000 characters.
  • URL encoding can triple the character count. Account for this when estimating URL length.
  • For complex queries that would produce long URLs, switch to POST requests with a JSON body.
  • Keep URLs under 2,000 characters for maximum compatibility, SEO benefit, and user experience.

Course illustration
Course illustration

All Rights Reserved.