I am using JBoss EAP 6.3.
The default parameter length in POST accepted by JBoss is 512. We can change it using the org.apache.tomcat.util.http.Parameters.MAX_COUNT in system-properties.
Is it safe to use it and does JBoss EAP 6.3 handle the java hash vulnerabilities inside the container?
We have large XML file which needs to be uploaded and we have to increase the default parameter length for
org.apache.tomcat.util.http.Parameters.MAX_COUNT.
Just wanted to confirm if it can lead to DoS(Denial of Service) if its used by a hacker in some wrong way.