Subversion Repositories Integrator Subversion

<!DOCTYPE html SYSTEM "about:legacy-compat">

<html lang="en"><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8"><link href="../images/docs-stylesheet.css" rel="stylesheet" type="text/css"><title>Apache Tomcat 9 Configuration Reference (9.0.112) - The HTTP Connector</title></head><body><div id="wrapper"><header><div id="header"><div><div><div class="logo noPrint"><a href="https://tomcat.apache.org/"><img alt="Tomcat Home" src="../images/tomcat.png"></a></div><div style="height: 1px;"></div><div class="asfLogo noPrint"><a href="https://www.apache.org/" target="_blank"><img src="../images/asf-logo.svg" alt="The Apache Software Foundation" style="width: 266px; height: 83px;"></a></div><h1>Apache Tomcat 9 Configuration Reference</h1><div class="versionInfo">

            Version 9.0.112,

            <time datetime="2025-11-06">Nov 6 2025</time></div><div style="height: 1px;"></div><div style="clear: left;"></div></div></div></div></header><div id="middle"><div><div id="mainLeft" class="noprint"><div><nav><div><h2>Links</h2><ul><li><a href="../index.html">Docs Home</a></li><li><a href="index.html">Config Ref. Home</a></li><li><a href="https://cwiki.apache.org/confluence/display/TOMCAT/FAQ">FAQ</a></li><li><a href="#comments_section">User Comments</a></li></ul></div><div><h2>Top Level Elements</h2><ul><li><a href="server.html">Server</a></li><li><a href="service.html">Service</a></li></ul></div><div><h2>Executors</h2><ul><li><a href="executor.html">Executor</a></li></ul></div><div><h2>Connectors</h2><ul><li><a href="http.html">HTTP/1.1</a></li><li><a href="http2.html">HTTP/2</a></li><li><a href="ajp.html">AJP</a></li></ul></div><div><h2>Containers</h2><ul><li><a href="context.html">Context</a></li><li><a href="engine.html">Engine</a></li><li><a href="host.html">Host</a></li><li><a href="cluster.html">Cluster</a></li></ul></div><div><h2>Nested Components</h2><ul><li><a href="cookie-processor.html">CookieProcessor</a></li><li><a href="credentialhandler.html">CredentialHandler</a></li><li><a href="globalresources.html">Global Resources</a></li><li><a href="jar-scanner.html">JarScanner</a></li><li><a href="jar-scan-filter.html">JarScanFilter</a></li><li><a href="listeners.html">Listeners</a></li><li><a href="loader.html">Loader</a></li><li><a href="manager.html">Manager</a></li><li><a href="realm.html">Realm</a></li><li><a href="resources.html">Resources</a></li><li><a href="sessionidgenerator.html">SessionIdGenerator</a></li><li><a href="valve.html">Valve</a></li></ul></div><div><h2>Cluster Elements</h2><ul><li><a href="cluster.html">Cluster</a></li><li><a href="cluster-manager.html">Manager</a></li><li><a href="cluster-channel.html">Channel</a></li><li><a href="cluster-membership.html">Channel/Membership</a></li><li><a href="cluster-sender.html">Channel/Sender</a></li><li><a href="cluster-receiver.html">Channel/Receiver</a></li><li><a href="cluster-interceptor.html">Channel/Interceptor</a></li><li><a href="cluster-valve.html">Valve</a></li><li><a href="cluster-deployer.html">Deployer</a></li><li><a href="cluster-listener.html">ClusterListener</a></li></ul></div><div><h2>web.xml</h2><ul><li><a href="filter.html">Filter</a></li></ul></div><div><h2>Other</h2><ul><li><a href="runtime-attributes.html">Runtime attributes</a></li><li><a href="systemprops.html">System properties</a></li><li><a href="jaspic.html">JASPIC</a></li></ul></div></nav></div></div><div id="mainRight"><div id="content"><h2>The HTTP Connector</h2><h3 id="Table_of_Contents">Table of Contents</h3><div class="text">

<ul><li><a href="#Introduction">Introduction</a></li><li><a href="#Attributes">Attributes</a><ol><li><a href="#Common_Attributes">Common Attributes</a></li><li><a href="#Standard_Implementation">Standard Implementation</a></li><li><a href="#Java_TCP_socket_attributes">Java TCP socket attributes</a></li><li><a href="#NIO_specific_configuration">NIO specific configuration</a></li><li><a href="#NIO2_specific_configuration">NIO2 specific configuration</a></li><li><a href="#APR/native_specific_configuration">APR/native specific configuration</a></li></ol></li><li><a href="#Nested_Components">Nested Components</a></li><li><a href="#Special_Features">Special Features</a><ol><li><a href="#HTTP/1.1_and_HTTP/1.0_Support">HTTP/1.1 and HTTP/1.0 Support</a></li><li><a href="#HTTP/2_Support">HTTP/2 Support</a></li><li><a href="#Proxy_Support">Proxy Support</a></li><li><a href="#Unix_Domain_Socket_Support">Unix Domain Socket Support</a></li><li><a href="#SSL_Support">SSL Support</a></li><li><a href="#SSL_Support_-_SSLHostConfig">SSL Support - SSLHostConfig</a></li><li><a href="#SSL_Support_-_Certificate">SSL Support - Certificate</a></li><li><a href="#SSL_Support_-_Connector_-_NIO_and_NIO2">SSL Support - Connector - NIO and NIO2</a></li><li><a href="#SSL_Support_-_OpenSSL's_SSL_CONF_API">SSL Support - OpenSSL's SSL_CONF API</a></li><li><a href="#Key_store_types">Key store types</a></li><li><a href="#SSL_Support_-_Connector_-_NIO_and_NIO2_(deprecated)">SSL Support - Connector - NIO and NIO2 (deprecated)</a></li><li><a href="#SSL_Support_-_Connector_-_APR/Native_(deprecated)">SSL Support - Connector - APR/Native (deprecated)</a></li><li><a href="#Connector_Comparison">Connector Comparison</a></li></ol></li></ul>

</div><h3 id="Introduction">Introduction</h3><div class="text">

  <p>The <strong>HTTP Connector</strong> element represents a

  <strong>Connector</strong> component that supports the HTTP/1.1 protocol.

  It enables Catalina to function as a stand-alone web server, in addition

  to its ability to execute servlets and JSP pages.  A particular instance

  of this component listens for connections on a specific TCP port number

  on the server.  One or more such <strong>Connectors</strong> can be

  configured as part of a single <a href="service.html">Service</a>, each

  forwarding to the associated <a href="engine.html">Engine</a> to perform

  request processing and create the response.</p>

  <p>If you wish to configure the <strong>Connector</strong> that is used

  for connections to web servers using the AJP protocol (such as the

  <code>mod_jk 1.2.x</code> connector for Apache 1.3), please refer to the

  <a href="ajp.html">AJP Connector</a> documentation.</p>

  <p>Each incoming, non-asynchronous request requires a thread for the duration

  of that request.  If more simultaneous requests are received than can be

  handled by the currently available request processing threads, additional

  threads will be created up to the configured maximum (the value of the

  <code>maxThreads</code> attribute). If still more simultaneous requests are

  received, Tomcat will accept new connections until the current number of

  connections reaches <code>maxConnections</code>. Connections are queued inside

  the server socket created by the <strong>Connector</strong> until a thread

  becomes available to process the connection. Once <code>maxConnections</code>

  has been reached the operating system will queue further connections. The size

  of the  operating system provided connection queue may be controlled by the

  <code>acceptCount</code> attribute. If the operating system queue fills,

  further connection requests may be refused or may time out.</p>

</div><h3 id="Attributes">Attributes</h3><div class="text">

  <div class="subsection"><h4 id="Common_Attributes">Common Attributes</h4><div class="text">

  <p>All implementations of <strong>Connector</strong>

  support the following attributes:</p>

  <table class="defaultTable"><tr><th style="width: 15%;">

          Attribute

        </th><th style="width: 85%;">

          Description

        </th></tr><tr id="Attributes_Common Attributes_allowTrace"><td><code class="attributeName">allowTrace</code></td><td>

      <p>A boolean value which can be used to enable or disable the TRACE

      HTTP method. If not specified, this attribute is set to false. As per RFC

      7231 section 4.3.8, cookie and authorization headers will be excluded from

      the response to the TRACE request. If you wish to include these, you can

      implement the <code>doTrace()</code> method for the target Servlet and

      gain full control over the response.</p>

    </td></tr><tr id="Attributes_Common Attributes_asyncTimeout"><td><code class="attributeName">asyncTimeout</code></td><td>

      <p>The default timeout for asynchronous requests in milliseconds. If not

      specified, this attribute is set to the Servlet specification default of

      30000 (30 seconds).</p>

    </td></tr><tr id="Attributes_Common Attributes_discardFacades"><td><code class="attributeName">discardFacades</code></td><td>

      <p>A boolean value which can be used to enable or disable the recycling

      of the facade objects that isolate the container internal request

      processing objects. If set to <code>true</code> the facades will be

      set for garbage collection after every request, otherwise they will be

      reused. This setting has no effect when the security manager is enabled.

      If not specified, this attribute is set to the value of the

      <code>org.apache.catalina.connector.RECYCLE_FACADES</code> system

      property, or <code>true</code> if not set.</p>

    </td></tr><tr id="Attributes_Common Attributes_enableLookups"><td><code class="attributeName">enableLookups</code></td><td>

      <p>Set to <code>true</code> if you want calls to

      <code>request.getRemoteHost()</code> to perform DNS lookups in

      order to return the actual host name of the remote client.  Set

      to <code>false</code> to skip the DNS lookup and return the IP

      address in String form instead (thereby improving performance).

      By default, DNS lookups are disabled.</p>

    </td></tr><tr id="Attributes_Common Attributes_encodedReverseSolidusHandling"><td><code class="attributeName">encodedReverseSolidusHandling</code></td><td>

      <p>When set to <code>reject</code> request paths containing a

      <code>%5c</code> sequence will be rejected with a 400 response. When set

      to <code>decode</code> request paths containing a <code>%5c</code>

      sequence will have that sequence decoded to <code>\</code> at the same

      time other <code>%nn</code> sequences are decoded. When set to

      <code>passthrough</code> request paths containing a <code>%5c</code>

      sequence will be processed with the <code>%5c</code> sequence unchanged.

      </p>

      <p>When set to <code>decoded</code>, the <strong>allowBackslash</strong>

      attribute will be applied after decoding.

      </p>

      <p>If <code>passthrough</code> is used then it is the application's

      responsibility to perform any further <code>%nn</code> decoding required.

      Any <code>%25</code> sequences (encoded <code>%</code>) in the request

      path with also be processed with the <code>%25</code> sequence unchanged

      to avoid potential corruption and/or decoding failure when the path is

      subsequently <code>%nn</code> decoded by the application.</p>

      <p>If not specified, the default value is <code>decode</code>.</p>

    </td></tr><tr id="Attributes_Common Attributes_encodedSolidusHandling"><td><code class="attributeName">encodedSolidusHandling</code></td><td>

      <p>When set to <code>reject</code> request paths containing a

      <code>%2f</code> sequence will be rejected with a 400 response. When set

      to <code>decode</code> request paths containing a <code>%2f</code>

      sequence will have that sequence decoded to <code>/</code> at the same

      time other <code>%nn</code> sequences are decoded. When set to

      <code>passthrough</code> request paths containing a <code>%2f</code>

      sequence will be processed with the <code>%2f</code> sequence unchanged.

      </p>

      <p>If <code>passthrough</code> is used then it is the application's

      responsibility to perform any further <code>%nn</code> decoding required.

      Any <code>%25</code> sequences (encoded <code>%</code>) in the request

      path with also be processed with the <code>%25</code> sequence unchanged

      to avoid potential corruption and/or decoding failure when the path is

      subsequently <code>%nn</code> decoded by the application.</p>

      <p>If not specified the default value is <code>reject</code>. This default

      may be modified if the deprecated <a href="systemprops.html">system

      property</a>

      <code>org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH</code> is

      set.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxCookieCount"><td><code class="attributeName">maxCookieCount</code></td><td>

      <p>The maximum number of cookies that are permitted for a request. A value

      of less than zero means no limit. If not specified, a default value of 200

      will be used.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxParameterCount"><td><code class="attributeName">maxParameterCount</code></td><td>

      <p>The maximum total number of request parameters (including uploaded

      files) obtained from the query string and, for POST requests, the request

      body if the content type is

      <code>application/x-www-form-urlencoded</code> or

      <code>multipart/form-data</code>. Request parameters beyond this limit

      will be ignored. A value of less than 0 means no limit. If not specified,

      a default of 10000 is used. The <code>FailedRequestFilter</code>

      <a href="filter.html">filter</a> can be used to reject requests that

      exceed the limit.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxPartCount"><td><code class="attributeName">maxPartCount</code></td><td>

      <p>The maximum total number of parts permitted in a request where the

      content type is <code>multipart/form-data</code>. This limit is in

      addition to <code>maxParameterCount</code>. A value of less than 0 means

      no limit. If not specified, a default of 50 is used. Requests that exceed

      this limit may be ignored depending on how the application processes the

      request. The <code>FailedRequestFilter</code>

      <a href="filter.html">filter</a> can be used to always reject requests

      that exceed the limit.</p>

      <p>The nature of multipart requests and the associated Servlet API

      requirements for processing them is such that they can place a significant

      demand on memory. Applications utilising multipart requests need to ensure

      sufficient memory is available to avoid a potential denial of service. As

      a guide, the memory required is <code>maxPartHeaderSize</code> x

      <code>maxPartCount</code> x <code>maxConnections</code> x 2 (due to the

      implementation). For the defaults that is <code>512 x 50 x 8192 x 2</code>

      which is 400MB. If running on Java 8, this is increased by a further

      factor of 2 due to the way Java stores Strings internally which increases

      the default memory requirements to 800MB.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxPartHeaderSize"><td><code class="attributeName">maxPartHeaderSize</code></td><td>

      <p>The maximum number of header bytes permitted per part in a request

      where the content type is <code>multipart/form-data</code>. Requests that

      exceed this limit will be rejected. A value of less than 0 means no limit.

      If not specified, a default of 512 is used.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxPostSize"><td><code class="attributeName">maxPostSize</code></td><td>

      <p>This is the maximum number of request body bytes that will be converted

      into request parameters by Tomcat. This limit only applies in specific

      circumstances and is <strong>not</strong> a general limit on request body

      size for POST requests. The limit only applies when Tomcat is processing

      the request body for parameters as per section 3.1.1

      (<code>application/x-www-form-urlencoded</code>) or section 3.2

      (<code>multipart/form-data</code>) of the Servlet specification. In the

      <code>multipart/form-data</code> case, the limit only applies to the data

      used to generate the parameters that are made available through the

      <code>getParameter()</code> family of methods.</p>

      <p>The limit can be disabled by setting this attribute to a value less

      than zero. If not specified, this attribute is set to 2097152 (2 MiB).

      Note that the

      <a href="filter.html#Failed_Request_Filter"><code>FailedRequestFilter</code></a>

      can be used to reject requests that exceed this limit.</p>

    </td></tr><tr id="Attributes_Common Attributes_maxSavePostSize"><td><code class="attributeName">maxSavePostSize</code></td><td>

      <p>The maximum size in bytes of the request body which will be

      saved/buffered by the container during FORM or CLIENT-CERT authentication

      or during HTTP/1.1 upgrade. For both types of authentication, the request

      body will be saved/buffered before the user is authenticated. For

      CLIENT-CERT authentication, the request body is buffered for the duration

      of the SSL handshake and the buffer emptied when the request is processed.

      For FORM authentication the POST is saved whilst the user is re-directed

      to the login form and is retained until the user successfully

      authenticates or the session associated with the authentication request

      expires. For HTTP/1.1 upgrade, the request body is buffered for the

      duration of the upgrade process. The limit can be disabled by setting this

      attribute to -1. Setting the attribute to zero will disable the saving of

      the request body data during authentication and HTTP/1.1 upgrade. If not

      specified, this attribute is set to 4096 (4 kilobytes).</p>

    </td></tr><tr id="Attributes_Common Attributes_parseBodyMethods"><td><code class="attributeName">parseBodyMethods</code></td><td>

      <p>A comma-separated list of HTTP methods for which request

      bodies using <code>application/x-www-form-urlencoded</code> will be parsed

      for request parameters identically to POST. This is useful in RESTful

      applications that want to support POST-style semantics for PUT requests.

      Note that any setting other than <code>POST</code> causes Tomcat

      to behave in a way that goes against the intent of the servlet

      specification.

      The HTTP method TRACE is specifically forbidden here in accordance

      with the HTTP specification.

      The default is <code>POST</code></p>

    </td></tr><tr id="Attributes_Common Attributes_port"><td><strong><code class="attributeName">port</code></strong></td><td>

      <p>The TCP port number on which this <strong>Connector</strong>

      will create a server socket and await incoming connections.  Your

      operating system will allow only one server application to listen

      to a particular port number on a particular IP address. If the special

      value of 0 (zero) is used, then Tomcat will select a free port at random

      to use for this connector. This is typically only useful in embedded and

      testing applications.</p>

    </td></tr><tr id="Attributes_Common Attributes_protocol"><td><code class="attributeName">protocol</code></td><td>

      <p>Sets the protocol to handle incoming traffic. The default value is

        <code>HTTP/1.1</code> which uses an auto-switching mechanism to select

        either a Java NIO based connector or an APR/native based connector.

        If the <code>PATH</code> (Windows) or <code>LD_LIBRARY_PATH</code> (on

        most unix systems) environment variables contain the Tomcat native

        library, and the <code>AprLifecycleListener</code> that is used to

        initialize APR has its <code>useAprConnector</code> attribute set to

        <code>true</code>, the APR/native connector will be used. If the native library

        cannot be found or the attribute is not configured, the Java NIO based

        connector will be used. Note that the APR/native connector has different

        settings for HTTPS than the Java connectors.<br>

        To use an explicit protocol rather than rely on the auto-switching

        mechanism described above, the following values may be used:<br>

        <code>org.apache.coyote.http11.Http11NioProtocol</code> -

              non blocking Java NIO connector<br>

        <code>org.apache.coyote.http11.Http11Nio2Protocol</code> -

              non blocking Java NIO2 connector<br>

        <code>org.apache.coyote.http11.Http11AprProtocol</code> -

              the APR/native connector.<br>

        Custom implementations may also be used.<br>

        Take a look at our <a href="#Connector_Comparison">Connector

        Comparison</a> chart. The configuration for both Java connectors is

        identical, for http and https.<br>

        For more information on the APR connector and APR specific SSL settings

        please  visit the <a href="../apr.html">APR documentation</a>

      </p>

    </td></tr><tr id="Attributes_Common Attributes_proxyName"><td><code class="attributeName">proxyName</code></td><td>

      <p>If this <strong>Connector</strong> is being used in a proxy

      configuration, configure this attribute to specify the server name

      to be returned for calls to <code>request.getServerName()</code>.

      See <a href="#Proxy_Support">Proxy Support</a> for more

      information.</p>

    </td></tr><tr id="Attributes_Common Attributes_proxyPort"><td><code class="attributeName">proxyPort</code></td><td>

      <p>If this <strong>Connector</strong> is being used in a proxy

      configuration, configure this attribute to specify the server port

      to be returned for calls to <code>request.getServerPort()</code>.

      See <a href="#Proxy_Support">Proxy Support</a> for more

      information.</p>

    </td></tr><tr id="Attributes_Common Attributes_redirectPort"><td><code class="attributeName">redirectPort</code></td><td>

      <p>If this <strong>Connector</strong> is supporting non-SSL

      requests, and a request is received for which a matching

      <code>&lt;security-constraint&gt;</code> requires SSL transport,

      Catalina will automatically redirect the request to the port

      number specified here.</p>

    </td></tr><tr id="Attributes_Common Attributes_scheme"><td><code class="attributeName">scheme</code></td><td>

      <p>Set this attribute to the name of the protocol you wish to have

      returned by calls to <code>request.getScheme()</code>.  For

      example, you would set this attribute to "<code>https</code>"

      for an SSL Connector.  The default value is "<code>http</code>".

      </p>

    </td></tr><tr id="Attributes_Common Attributes_secure"><td><code class="attributeName">secure</code></td><td>

      <p>Set this attribute to <code>true</code> if you wish to have

      calls to <code>request.isSecure()</code> to return <code>true</code>

      for requests received by this Connector. You would want this on an

      SSL Connector or a non SSL connector that is receiving data from a

      SSL accelerator, like a crypto card, an SSL appliance or even a webserver.

      The default value is <code>false</code>.</p>

    </td></tr><tr id="Attributes_Common Attributes_URIEncoding"><td><code class="attributeName">URIEncoding</code></td><td>

      <p>This specifies the character encoding used to decode the URI bytes,

      after %xx decoding the URL. The default value is <code>UTF-8</code>.</p>

    </td></tr><tr id="Attributes_Common Attributes_useBodyEncodingForURI"><td><code class="attributeName">useBodyEncodingForURI</code></td><td>

      <p>This specifies if the encoding specified in contentType should be used

      for URI query parameters, instead of using the URIEncoding. This

      setting is present for compatibility with Tomcat 4.1.x, where the

      encoding specified in the contentType, or explicitly set using

      Request.setCharacterEncoding method was also used for the parameters from

      the URL. The default value is <code>false</code>.

      </p>

      <p><strong>Notes:</strong> 1) This setting is applied only to the

      query string of a request. Unlike <code>URIEncoding</code> it does not

      affect the path portion of a request URI. 2) If request character

      encoding is not known (is not provided by a browser and is not set by

      <code>SetCharacterEncodingFilter</code> or a similar filter using

      Request.setCharacterEncoding method), the default encoding is always

      "ISO-8859-1". The <code>URIEncoding</code> setting has no effect on

      this default.

      </p>

    </td></tr><tr id="Attributes_Common Attributes_useIPVHosts"><td><code class="attributeName">useIPVHosts</code></td><td>

      <p>Set this attribute to <code>true</code> to cause Tomcat to use

      the IP address that the request was received on to determine the Host

      to send the request to.  The default value is <code>false</code>.</p>

    </td></tr><tr id="Attributes_Common Attributes_xpoweredBy"><td><code class="attributeName">xpoweredBy</code></td><td>

      <p>Set this attribute to <code>true</code> to cause Tomcat to advertise

      support for the Servlet specification using the header recommended in the

      specification.  The default value is <code>false</code>.</p>

    </td></tr></table>

  </div></div>

  <div class="subsection"><h4 id="Standard_Implementation">Standard Implementation</h4><div class="text">

  <p>The standard HTTP connectors (NIO, NIO2 and APR/native) all support the

  following attributes in addition to the common Connector attributes listed

  above.</p>

  <table class="defaultTable"><tr><th style="width: 15%;">

          Attribute

        </th><th style="width: 85%;">

          Description

        </th></tr><tr id="Attributes_Standard Implementation_acceptCount"><td><code class="attributeName">acceptCount</code></td><td>

      <p>The maximum length of the operating system provided queue for incoming

      connection requests when <code>maxConnections</code> has been reached. The

      operating system may ignore this setting and use a different size for the

      queue. When this queue is full, the operating system may actively refuse

      additional connections or those connections may time out. The default

      value is 100.</p>

    </td></tr><tr id="Attributes_Standard Implementation_acceptorThreadPriority"><td><code class="attributeName">acceptorThreadPriority</code></td><td>

      <p>The priority of the acceptor thread. The thread used to accept

      new connections. The default value is <code>5</code> (the value of the

      <code>java.lang.Thread.NORM_PRIORITY</code> constant). See the JavaDoc

      for the <code>java.lang.Thread</code> class for more details on what

      this priority means.</p>

    </td></tr><tr id="Attributes_Standard Implementation_address"><td><code class="attributeName">address</code></td><td>

      <p>For servers with more than one IP address, this attribute specifies

      which address will be used for listening on the specified port. By

      default, the connector will listen all local addresses. Unless the JVM is

      configured otherwise using system properties, the Java based connectors

      (NIO, NIO2) will listen on both IPv4 and IPv6 addresses when configured

      with either <code>0.0.0.0</code> or <code>::</code>. The APR/native

      connector will only listen on IPv4 addresses if configured with

      <code>0.0.0.0</code> and will listen on IPv6 addresses (and optionally

      IPv4 addresses depending on the setting of <strong>ipv6v6only</strong>) if

      configured with <code>::</code>.</p>

    </td></tr><tr id="Attributes_Standard Implementation_allowHostHeaderMismatch"><td><code class="attributeName">allowHostHeaderMismatch</code></td><td>

      <p>By default Tomcat will reject requests that specify a host in the

      request line but specify a different host in the host header. This

      check can be disabled by setting this attribute to <code>true</code>. If

      not specified, the default is <code>false</code>.

      <br>

      This setting will be removed in Tomcat 11 onwards where it will be

      hard-coded to <code>false</code>.</p>

    </td></tr><tr id="Attributes_Standard Implementation_allowedTrailerHeaders"><td><code class="attributeName">allowedTrailerHeaders</code></td><td>

      <p>By default Tomcat will ignore all trailer headers when processing

      chunked input. For a header to be processed, it must be added to this

      comma-separated list of header names.</p>

    </td></tr><tr id="Attributes_Standard Implementation_bindOnInit"><td><code class="attributeName">bindOnInit</code></td><td>

      <p>Controls when the socket used by the connector is bound. If set to

      <code>true</code> it is bound when the connector is initiated and unbound

      when the connector is destroyed. If set to <code>false</code>, the socket

      will be bound when the connector is started and unbound when it is

      stopped. If not specified, the default is <code>true</code>.</p>

    </td></tr><tr id="Attributes_Standard Implementation_clientCertProvider"><td><code class="attributeName">clientCertProvider</code></td><td>

      <p>When client certificate information is presented in a form other than

      instances of <code>java.security.cert.X509Certificate</code> it needs to

      be converted before it can be used and this property controls which JSSE

      provider is used to perform the conversion. For example it is used with

      the <a href="ajp.html">AJP connectors</a>, the HTTP APR connector and

      with the <a href="valve.html#SSL_Authenticator_Valve">

      org.apache.catalina.valves.SSLValve</a>. If not specified, the default

      provider will be used.</p>

    </td></tr><tr id="Attributes_Standard Implementation_compressibleMimeType"><td><code class="attributeName">compressibleMimeType</code></td><td>

      <p>The value is a comma separated list of MIME types for which HTTP

      compression may be used.

      The default value is

      <code>

      text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json,application/xml

      </code>.

      If you specify a type explicitly, the default is over-ridden.</p>

    </td></tr><tr id="Attributes_Standard Implementation_compression"><td><code class="attributeName">compression</code></td><td>

      <p>The <strong>Connector</strong> may use HTTP/1.1 GZIP compression in

      an attempt to save server bandwidth. The acceptable values for the

      parameter is "off" (disable compression), "on" (allow compression, which

      causes text data to be compressed), "force" (forces compression in all

      cases), or a numerical integer value (which is equivalent to "on", but

      specifies the minimum amount of data before the output is compressed). If

      the content-length is not known and compression is set to "on" or more

      aggressive, the output will also be compressed. If not specified, this

      attribute is set to "off".</p>

      <p><em>Note</em>: There is a tradeoff between using compression (saving

      your bandwidth) and using the sendfile feature (saving your CPU cycles).

      If the connector supports the sendfile feature, e.g. the NIO connector,

      using sendfile will take precedence over compression. The symptoms will

      be that static files greater that 48 KiB will be sent uncompressed.

      You can turn off sendfile by setting <code>useSendfile</code> attribute

      of the connector, as documented below, or change the sendfile usage

      threshold in the configuration of the

      <a href="../default-servlet.html">DefaultServlet</a> in the default

      <code>conf/web.xml</code> or in the <code>web.xml</code> of your web

      application.

      </p>

    </td></tr><tr id="Attributes_Standard Implementation_compressionMinSize"><td><code class="attributeName">compressionMinSize</code></td><td>

      <p>If <strong>compression</strong> is set to "on" then this attribute

      may be used to specify the minimum amount of data before the output is

      compressed. If not specified, this attribute is defaults to "2048".

      Units are in bytes.</p>

    </td></tr><tr id="Attributes_Standard Implementation_connectionLinger"><td><code class="attributeName">connectionLinger</code></td><td>

      <p>The number of seconds during which the sockets used by this

      <strong>Connector</strong> will linger when they are closed. The default

      value is <code>-1</code> which disables socket linger.</p>

    </td></tr><tr id="Attributes_Standard Implementation_connectionTimeout"><td><code class="attributeName">connectionTimeout</code></td><td>

      <p>The number of milliseconds this <strong>Connector</strong> will wait,

      after accepting a connection, for the request URI line to be

      presented. Use a value of -1 to indicate no (i.e. infinite) timeout.

      The default value is 60000 (i.e. 60 seconds) but note that the standard

      server.xml that ships with Tomcat sets this to 20000 (i.e. 20 seconds).

      Unless <strong>disableUploadTimeout</strong> is set to <code>false</code>,

      this timeout will also be used when reading the request body (if any).</p>

    </td></tr><tr id="Attributes_Standard Implementation_connectionUploadTimeout"><td><code class="attributeName">connectionUploadTimeout</code></td><td>

      <p>Specifies the timeout, in milliseconds, to use while a data upload is

      in progress. If not specified the default

      value is 300000 (i.e. 300 seconds). This only takes effect if

      <strong>disableUploadTimeout</strong> is set to <code>false</code>.

      </p>

    </td></tr><tr id="Attributes_Standard Implementation_continueResponseTiming"><td><code class="attributeName">continueResponseTiming</code></td><td>

      <p>When to respond with a <code>100</code> intermediate response code to a

      request containing an <code>Expect: 100-continue</code> header.

      The following values may used:

      <ul>

      <li><code>immediately</code> - an intermediate 100 status response

      will be returned as soon as practical</li>

      <li><code>onRead</code> - an intermediate 100 status

      response will be returned only when the Servlet reads the request body,

      allowing the servlet to inspect the headers and possibly respond

      before the user agent sends a possibly large request body.</li>

      </ul>

      </p>

    </td></tr><tr id="Attributes_Standard Implementation_defaultSSLHostConfigName"><td><code class="attributeName">defaultSSLHostConfigName</code></td><td>

      <p>The name of the default <strong>SSLHostConfig</strong> that will be

      used for secure connections (if this connector is configured for secure

      connections) if the client connection does not provide SNI or if the SNI

      is provided but does not match any configured

      <strong>SSLHostConfig</strong>. If not specified the default value of

      <code>_default_</code> will be used. Provided values are always converted

      to lower case.</p>

    </td></tr><tr id="Attributes_Standard Implementation_disableUploadTimeout"><td><code class="attributeName">disableUploadTimeout</code></td><td>

      <p>This flag allows the servlet container to use a different, usually

      longer connection timeout during data upload. If not specified, this

      attribute is set to <code>true</code> which disables this longer timeout.

      </p>

    </td></tr><tr id="Attributes_Standard Implementation_executor"><td><code class="attributeName">executor</code></td><td>

      <p>A reference to the name in an <a href="executor.html">Executor</a>

      element. If this attribute is set, and the named executor exists, the

      connector will use the executor, and all the other thread attributes will

      be ignored. Note that if a shared executor is not specified for a

      connector then the connector will use a private, internal executor to

      provide the thread pool.</p>

    </td></tr><tr id="Attributes_Standard Implementation_executorTerminationTimeoutMillis"><td><code class="attributeName">executorTerminationTimeoutMillis</code></td><td>

      <p>The time that the private internal executor will wait for request

      processing threads to terminate before continuing with the process of

      stopping the connector. If not set, the default is  <code>5000</code> (5

      seconds).</p>

    </td></tr><tr id="Attributes_Standard Implementation_keepAliveTimeout"><td><code class="attributeName">keepAliveTimeout</code></td><td>

      <p>The number of milliseconds this <strong>Connector</strong> will wait

      for another HTTP request before closing the connection. The default value

      is to use the value that has been set for the

      <strong>connectionTimeout</strong> attribute.

      Use a value of -1 to indicate no (i.e. infinite) timeout.</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxConnections"><td><code class="attributeName">maxConnections</code></td><td>

      <p>The maximum number of connections that the server will accept and

      process at any given time. When this number has been reached, the server

      will accept, but not process, one further connection. This additional

      connection be blocked until the number of connections being processed

      falls below <strong>maxConnections</strong> at which point the server will

      start accepting and processing new connections again. Note that once the

      limit has been reached, the operating system may still accept connections

      based on the <code>acceptCount</code> setting. The default value

      is <code>8192</code>.</p>

      <p>For NIO/NIO2 only, setting the value to -1, will disable the

      maxConnections feature and connections will not be counted.</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxExtensionSize"><td><code class="attributeName">maxExtensionSize</code></td><td>

      <p>Limits the total length of chunk extensions in chunked HTTP requests.

      If the value is <code>-1</code>, no limit will be imposed. If not

      specified, the default value of <code>8192</code> will be used.</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxHeaderCount"><td><code class="attributeName">maxHeaderCount</code></td><td>

      <p>The maximum number of headers in a request that are allowed by the

      container. A request that contains more headers than the specified limit

      will be rejected. A value of less than 0 means no limit.

      If not specified, a default of 100 is used.</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxHttpHeaderSize"><td><code class="attributeName">maxHttpHeaderSize</code></td><td>

      <p>Provides the default value for

      <strong>maxHttpRequestHeaderSize</strong> and

      <strong>maxHttpResponseHeaderSize</strong>. If not specified, this

      attribute is set to 8192 (8 KiB).</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxHttpRequestHeaderSize"><td><code class="attributeName">maxHttpRequestHeaderSize</code></td><td>

      <p>The maximum permitted size of the request line and headers associated

      with an HTTP request, specified in bytes. This is compared to the number

      of bytes received so includes line terminators and whitespace as well as

      the request line, header names and header values. If not specified, this

      attribute is set to the value of the <code>maxHttpHeaderSize</code>

      attribute.</p>

      <p>If you see "Request header is too large" errors you can increase this,

      but be aware that Tomcat will allocate the full amount you specify for

      every request. For example, if you specify a maxHttpRequestHeaderSize of

      1 MB and your application handles 100 concurrent requests, you will see

      100 MB of heap consumed by request headers.</p>

    </td></tr><tr id="Attributes_Standard Implementation_maxHttpResponseHeaderSize"><td><code class="attributeName">maxHttpResponseHeaderSize</code></td><td>