We use Microsoft Graph Users API to track changes of users in Azure AD.
https://learn.microsoft.com/en-us/graph/api/user-delta?view=graph-rest-1.0&tabs=http
In API response, we acquire #data.nextlink, to fetch next set of users. This #data.nextlink is unusually long more than 8000 characters for a particular user. We noticed most of the users contains #data.nextlink,which is less than 4000 characters.
Our Http Client and proxy servers reject the url due to length. Is this an issue? What is the standard length of #data.nextlink.
https://graph.microsoft.com/v1.0/users/delta?$skiptoken=CWVE8SyYFHfrk4xYFHxyyjsB-BsphNwOPo-vbCJuhNEouCI2oNdgkaSeHwkaUJJ9bZh9Dna67EXCHYh8uOyekYp42dnF4J_h-TYxbruxrMKJeyOxsVYwu63dHFBeYj4IE6XtlOtuADejKHSnPq0vHhvaHWUMnFwvTB3aiMrNQRHV7YhDnqcBAmY4MR32GkZFk9xElNVCvDmql98bwa2QpBU2Vk4RDI07SfKiHCro9jA7zz6HdsMXnBMI_NdKv6boaVdyz29nHTqg7J7G8alLQYlT_88iwppE0JBKpG8SAW_PsTOtrlBeetLYORphdkzm0FZ9lh0v4GrWxb2VGSnuDi-ntJ2qT3TIh8MeJs3xxVxRppK86_RhOoZHcQYK9Py1_0d64_XTdmvBgAPgRy9woIgIpRwYsMLZzsJByNd-OxDXZ-ncfzmezn-bP0vPSGXvo_KTGbpKrboXu3eR_8wvo9gvVDc_scq082DNOAZ_iUCIKwfMeFgminoYlvPK_fRoVdiVEV142TPT9UQCAGsoKRCzsbfTuCB10BbrUdiPKD1uHmKc71M5tmDrF1Bg5nOqvAVzHXUCx6fycvdXzrp_IzO6d99Hxzv1jYfUEmitQfoGjoddtguEQmCdbZiuaSCPRgzt7ykP2na4WuKPK8-Mt_idYh4uWVGsg6TBzfBXK298PCGmk7J1i3w9IfVN2zygoQTMpuxVQb09CT7DzN3iV5cV55ew8XCoZZwLC_Ry17JTcj4c6qfKiAZeTsamp8b9ju41zNqImgodc42fRE6U7nZSSRkWSh8iJImV4uTbMqOZOqf6AlkeMy3KqjaZuGkNIlwAXv4nkfF1vtZkxf-UWp5R-D-c0OBC5vFfYK-MUQkkMlDkTawFCdSpslGfYgCaVKayKKH9RlupHHaJ5G5ts0t1T91J247-V7PGWYwJcAvjUapl3VlOZTOfl2aEvSZYkLPMjX5xbchUwvhkJDqZjZIjH8mUp4znGEK14LqQ-N1MiTDcFWhlmttuKJ0kNNLOno_17GlPpu2mCu0DTkT5ymYmPZzFVIE1BJgP2M2sJFiw1fhMpqObciMpCy5PcMtbUqX54dVcgmnM7z8ZLYX6lMP8aV3xqnVouPiDSihF0RKG7AqjQrWB-wX36w8dREoE7dlinGoXjxg9_ZlG13qR9A0xVyCA7sXJUT03HcnS2KDM1cFlZRW7M5OqIygI_MzrVhjo0K-LgmfCFN2ogNc6LTNZLbPZAaImRnPy3bsYGO_WyYbiG4qkQqo1QKtOwcORnpGOL-ZdPqYzCqsvC_MqtEdxTqFt09jf7tWQPFiEJHMsFOwR2ZiNx8HOyo6TQcj_CmgG2kNownON2sq1sdlqWtm2tzYfDLrG3Vec6oLyB2mAWarqCFsqwvzn6AvWK2y4OpygnMy_eIk2KRrFxRWcnnbrJOeKew7QmNMKzQDfmeLkyA6cln_KTr8mCB6gsL082niZ_ZfY_3yG9sp6RPnN5TF5RxzPFsD1EyvuN6Y9UOme-vinGUJHt-Pc_Hv-rLhAcg-qY0GuA9nOzQDE3vwaJ8deWXxuXkRK1OquJ7h3jkHQU6DnzuBCcJmZWD9yqq-Q_9bKm5nGn_586udpzqjVjRrwOvC5wJOIxvDn3gswfMM99c_9BBVZVEMeB7brrdfNIhl8mLBycZFgfHko72qCMx_d80CD5yqVC8kkMK9uzFbaJuk9-b8PiwlY4zkHlauvjCN7uikrqB8Bf2nlSTPInphyw9iU8aTiN4qhkRRrD0ZTrjWqX8c_OtSlvoJkcZjnDEAQrKVlFmcChzXCA5nRCokyniQ-hPfZjUB9I8K9MyFnrIYYowXCykySUBu-ZFXBFdymHAty7MN-VYkFkzyKh-JvuS3gCJuuyoibmvoVh7f3jvL8kjBcwVWxQne7feriS4SRPqoUzp0iwP5kgW6kbVFf-w0vzwmZTVA8R1Me5BAvgyPM4Cm13TgYYo1TFWBDs062vQfUl7p_iREwMlz_0b84L_UXlmq_A2-cQxsNwFdMHx7gRWk0BWeM96slD6JCOcFXZbxU7WykNW_3UzSe6tUugCMznsIkDvfFeiDGU-WnhnDY9j1zQCdSj6Fft3p2sS51lSHjSRE5SD115dVq7wGcj_GMAOJ5RTRQGpLSnX9_5yJOD7e0QpIEs33XxemBWaucdJIL8kEpVDKhvaNhjut-83uUQ9cdslYIOBKFvRJVZeEZkauEmsb0nnd1QXu_otebvDizo8XQ3hdGNTyGhMgc9pWz3j53VqQN4UVIheViRCH-t6ZxETizymGdMIrMl4jUB2AU0lyqKXtOVYOUKWa0xIA-g64Rxn7TTQA8MMBt-BdGbkffSjCOQAe7EVxtZZSBjwdRFQDNNlZrdIzQapeA6upUHijozNa2e_Z-_8r-NpNzWtg3pYTsC2K4OyV2ldRntLqyTZQUkjdIYr_UwnycerTDWCkDjB2KhIcbxCH6bCtlOBHXCAZdUXoJWrzxjRmYo7vlVUGkicpj_w9JbYq0UfjCuVWStuvmyDcbQ3KlMCxozzpjC1YixQGa7__ZD7lVEUYSIlajGa6SFWvRup_CbhnJ8L3h7kPWU7nG2D6KvNhcablOLC1f_djpBTZD00Z9mRwtsBF3BsmjlbxQS-Deuzph2sMAhMKlGuQCKWs8zGZv-TOMvHnIB2ZAlJEBHq9iOW35xSShBqVx002yMUGwNnmF9__ZtWrG98fFum6myfZP5oBXYPfP5UrtaQvERgCzR6VrDVhEFc0Ix69mWZLp7p41uHCmZx_l4ed_OlPPGkNaldPD29JQj_DgsY6LLUZsCN0EEniVy8wXzLXOte4q3Dqv5WX5JbRGzCmgw6zptCABZTE9m40qPO-Mzg47VjuJK2pepF4_i4zrC_JbHmmxfVgwAVNHD9jw6IPzj81rO5kVlAxNihaTfmof0au6aeMNq5vDQG4_B9rh6bo-6FB95yib5_EmXLnNKwlaJlT0KRhtGhCx0x4bwk0b_8SzPOZ6Kkf3LoCQbSvnO5FKy_ulPIwqF10nZuo6LPVNLxn4B7fpr4kAP2uECVw5mmoAHZw_iIXFiD7AIz99WFXLk8XJ0U1qgqi4287uZXeecaSKXzhjdBbHwr-eF6P48aQibDD91796B_v_1F0pDBxez5buy0WPDtwzHcSVUcUsMc7qRpa-kqGwgkWOzylBXvWbUbBF73Rs9kLrEgkn3VnK7e1ltaHBWuvC8Pnyvdu6HisnrlJTpSRDcNlh6KhV1n-IozOt3MnE3uLwnSK3sWr7HFvPyo-TVicIdZYQAAQ_1bRaYvzskUuv6AheZenqFdPvrqmANntsO_HQnfEY_TqAowecFyggeEDfCxqkz92DL7vMteCZlalzWY-GyXqpdyC6eLneoNz3DlbCDa7eHlvJb1n7-HMbTGr4ItNjrxvoJfzZHqVbv3kbHkZbIULhT-pyvl7bfy1DXP14zEf6Uwa8fDFvWODFCf3OpWim1srKmwTNIIGb9zhAjJha8JaoXznHsrjicCX5AaO0_-NFEepmIGzNvTrTP7VH14E-8gmJezVDlZjgmvrPvhR79E6vAlSGywtYHuskNyJDNhMrDJPOa2g0v3NZYO4PWirK_G5E6xp-oYMMcMaSE7ldjtp9B03Mg5ptkfbZHkbQwUFPNgH79WirPt-U7woJgkS6IMei4VjZbuoFlxvn5V-qYpZ9ZMWEOSpSHhYmIag5fkiMYnuS5WVUqAweHpCP9lHOncYvJzqyiKCZGJcOt94u_E8T3RqCvS-WTLLlm3aIIXw9s4Tt18ivktkxVV3AV03iA4rmRldQK4kk8DrIKPNxIwX4mYNRijoGZRzxpofGA8DRC5XVGFuQxBf4PV1U1DYiAO8BVAiFpTIJRL1WxX70Ei1Q79nA1ZrcNN8TTRbWV2pchhYq29-glbH4AFL_fHq4UrhdzIQDg-SXK8br0sGtphcSWh9wo0vpx9IBHYOPzc6y1kpkqhp1i-V4g0XtHKrXEeoXJLbMjGwRafIpR76SH20LdXTF5kg7W0Ftm4gIJgu9wcLyFr0I43rRZGgQ6htLlj5fVl5C3-OccpDvTzY5_gXDRrJhEqnTol_-thKcDtZ8VIkxaP7p6snBMLXyAfNnFITVR69CjY_wGikFxmUmhC4iTySh5Ie_AbZ9NixpeiVESdw-B_37mVxOQYdZZgR2I0tcWPuZp2tYvCu5W0KcBENPW5FkrrPznU_HoWHu87lVKirpXuS3kQGPHp_74682jsf4kJoTDhwOhacuSCsYsdmz3yFrN-Hjj1QFln99sVQUsJAkGVCb_1-Q0UkDsxuGbaQXJb_wqGErNU6Gtxw1A2CJ5eClzrVmv5fTIWPSenkKXuFI86UcNZQkDa3S1mwGMyHIxZHzbu_CrMbXjhku9WSn3PtCOlu9E_tklN0RlgzS7AqnqP0kTQbjUIbXYorY0uFtZLUXViANEtHFyjO70slUDvUUAbs2ZTmfVtVOPlwCrRhMWU7rxwTHwKGaZUvmItYASrVN_qioe5Nu1p2Hjh55mNGnGgDPfoz1euHczXuvKnqTRtJGVILrWT3IkiKpO0szkxs8qZZEJARPbnx-lNoiIDZg4kv7N34l61siaQfgn6AIeta5I7kCY5jqqz_3TQvikr8bmSF8WyoylD5dEG9jrq35fJpzHEEdw7uMK9kxtrZpbCe4itfKBWpM9W3bMBDGaTFWEDqMWoPZWDnIPWB7dgSziMSV5sh88ehVJqeCvpgmrH7u_rw6Dlh9E_bMno5q3a3Sn4fE8NEDiVQQdbqb6oJEQZ--ndzLrx2dR_nq16Tx7IRZ26yctVpRd_pILk27e7RhpPARbENnQ64zSOSfP3CF537wvxcQkdf7SXotEmXybw8o2w3kVWFizapshPUht8Zaa19_fAV_Cg6YVN19iXO3w8ufodWfaTPZ-7tG0XtBAU6cZTgABTEOWaCAmIqrQSGzXQi7tZSxLks64gG2gfpUMxMMnEX2_-YElW0oekqYxGby1-KksCOFbqtAPhSIo_1Kg4lzap8lWNqczU8kruLLkPep6gPP0aR5OWO4dY1ZaacEtJx9HPDIfPg-UFCHKlyPbcXt7hH82n-6Iy669MRayljdfRsnePP1RVzOepw4nyK5Q7vsYr0Lmu8q4qXuy-Wmy5rGyXOIaXK432Zj_QHdm03used1E1Cl9mgLIXcHOvSvOZnYDga1ruXsCMUFBqv3F8QtzY1jTzvL4nqiLeTvuj_eLZ26qZHdYhDFYbtNOAETfIBgN60lUs1SVsP9EOuIpW-QiqQrVhp76hiW1hHVpBUL73EvU3yRglHaxfeXQuiy0U4qyeWYbcxokig2fjiXFplvityZ74tJuQ1qKV2KpYXtw0mKD62mrG8SNqQSQSl_CSyPg6RRN3ZZaBmi45Z77MoQadD-gX4ld07-M70lJ0mNAQpvGvyZUevQS7cMwHmCpra5VRFo52joVFvDO1mszAukdQJwj6iVHDIJpYrYQVRxsM4Ut-BS4MBbbhKKq2aI4y9BXPP02KzvFNGRO0WwM-ieJYdwpPYK1uqaUgvoWpXJ2gsGHUajCKk4ugIodcYXIxULIlZRAFo5PqhqGxVm415khdauQZrCmQHLiH1WyW3kmXX9Lc4W-D0kYhYaZTxCYQy70DVdRhsxQ81oGjISpsLHDZ-NXhc_xjmfXuFPGP79U1TejfcdAly2Kj-UqkqWiBuU8txgeoblnYYuSlSbBUSRw9pH2PXYq2Pbw8ck-CzpaLZ4dI_HDiFByCc7n_6aq6UYxcd2WlxJQWF1wOfxH67n4cEroSI0S7RuXawhaGBcGbJEGvraoMsxcJGHYjCQx8fCbdXKNsrZUx2l8F3OIQeqoyg9AtXpR3_CDnHbJWlQ9LpWlZ856C8arqrKnE1PrVcr3CivAj_pg2KhyXzRgazYvrMGs6NpLOtvzMfnGZ7eo1I1ZP20645me9qdsstkd-EVhFdUZNZaqKEOcu_7tL-Da0zFkitS-Zj2Iw291QyRRtlscPfL-9V--EqtCDFKALbuwQqvmwLLdTdjs7glWn9tp6mEr1h4h4YVAvyDBGUNyetDgATczmpTgHJfpWm5cG8s2SX9UhN3ZEJ1h9Ns5X5kN4WOlcri85Ek5oKyP-f9mQ7G4J4jYVyzA47klHgIezKuslxKLwNj67x0MuQ4EaZwWDPnYd7g5689CXxr-0bnZPMceO562tTEv1d-tW84zRCuv3mAVVKKJ8Q1J9-E9UVHmivduXtHA6P5uO1-rUiuxdOaR5ujVIPn0Fl_0Dte79ca2uKE5fHU6D5k6lsa7vG3eI9JQljVknF6DTDYdMx71b_ZS4GM4JQivGYLzgEVB7yOGZYKNxuZkNpeyqEI8WbepTerk9kKv0tnrQ_tNg3YhFQQ1ALO8jOWm3G2rSgv0N6RX3BCD7IPSVX5JgYWW6hsdepU06fQ3Bm-XoJ8U2D1kgDXRXzxraj75rSSWn6ec9iQaeiOfpM4PddOR9htMY_zY6TGqUTANSwwBXIdF3Aw1vsViVZjAN0d6mna5ByXJNw1gDAuF2yxA7fjEljOqLHgaWLv4ZlEsNUg1YARVDOs9-GwzQxtXNCUBT8311j0sKPr22DmwAzE4U-WClesOwl0iFco42LkCIdhOhy0ZYzLWZZpE9GhDcRF5iBmU0HobwX18ehkd9COcm6BCPt_0_90dLyWptAtaheaRTbvajE983iEch1WNje84T3XaEeM2jVsD22539jyUhuqgVhe7W1TCV6bzxF-6NsQyYi_C6R0vipJyQmlntel0bzoSvO0pQGLFO3p6riSU1-HsMh7BwXub6QMUuYdylSdNItpgg4vX2Zz14pquxbeamHcHaYcDTT81RYifMd_O8Fqdb81bo1g6emAV5GrRrlhZf8JTjM9rPbwR544I7dqeTcVuo434HGE4Dov_yaMwaaf-DyluikpJBZzRFMcaKIEUFdqBpJnR58vNhDF__f_9dtp9WeG2Swb6ps-triONtMcqlPw8cTh_u4O9BCHW3zzNRhyvNHZgEcDz0r9c9T1Bsgfcvi9eK1Xtad7sfXnACMiYNI2hk_8aB3p2O1yzzlWqJbMixcdjDinJa_3h1RItXC5-grF0dhRPK2N9vrwWb7WeXkzVHH36cHGRFdVsinWUiYp0E01e0SPnyqdHG25n4gBG7jbcTs2ga9qpzF-2zzbIGF3bh84GWvNqyc3MOlra5xAmcRYVZwWELMK4qHCIckM0cVhMEsb8A1fBzUu2BxypeOqky78fA7cwhGVZ4qEUvg72HoMT93TqDzrc4mlVOVmWnacptpfWS7YgxqArLBMHxVAT4n_jJ3rnwiBYsn68FATCHErJxncEjgO-NIJVXLG_cGoSGqN5RD2FrJYvnwJNdOZBeLU9TjOYf9oPviUzN7bpZI1oNlS-16woIqEJe86cHzDG650KkPadxxifd_60I2w0jDlmV77woy6wOpHR2NR1e6rVWI2edWkYeVTlX2hi_9CE5SwlRycVm3CZebCGA0nH-V8-cPywLOfr_9Wr7McXuVmTBAVMRlyP5L0Tea_Js598dUAaz1SbYsZbDlTEzDz8adyw6RBpU-F-FfK9d6LZeVOoWfas8ZbB4fJJIr1MiuyzZYtZsA-QK2HJ0XjkuGIdbYmx-XgeJrgqWoSKhcEbqW7NaavHPbOZgqPujp_D2v6Jdb8U0KPm9yY-fkW2lmYHuUI3qQYu0gCClC5D_ph1GOF0KwADPTyqiwt0QjqdXIitsmEWg28tBYM340BZb_aAPZPB01ddqlUJyYs2xFtK6Lq14dMqRZMEYumZIRKQ97OyTYA3CfzRbXKSiEZc_gN4ZaSqZSG6-Rdx8_7G2DeJVwRnJ6yE6gTF7eTyCcubCFNmiCQHxEqrig6jhK4Hl4BUUFqMeciBkLWLKbzQ1WUR0A5BR8u2_TnNalMI3oIwmy2T6i3h678oFYFKtu0fPLls1yXb_3YezxeBmMZwdMcxYe4HJ2YJBDD7NfIO6YEgCUCspliEJyZmDbdzjB3lAGmJhgAYKLP7R45WLR6SVtm9BProbOxsVAZynG4T5r3VGApQSHyVCMFAKlZ5CtyCxhwfY_IiN6-ouWrcxN9is_SCYw0zv7tVDHtLK895frQ3HmiZoXIkF8kTi4Dsbg58LzM979LA335xFfrmtEz35Qk67XZt_hq4cAOfybpdHdXJmCg2s0_rTIrKt6cvJhOEYdvPxqFQKfFrDR-SENi8PEw5OSqvADVxGS_QRNHIXXnEOgmKV9Kz0lM6I49L-JwMNj-2seUcKQOpp5eJs7NCoXyUclxqItUwoKgTjMrEgs7wtEzGwKbLWKOQ5uRnMbnkbn_jPmGeZJGB8xWPptekL1VatYX37PfYYOFW5trLr8tZHjmNDYjWUUKfiqwLDJJ3QG6GQ_NaiEhtPWNe4XAfDH3w2ByIOm9iLK51l2ItiSz1PYVI6or26DBTkzrj9CveFJ3ZMcz3y1eVT6yNmbTK9mt.DNpsG3CyCU3fAACL7LysDb0Mq1eED3D-LiBTlwl_CT0
Delta links cannot exceed 16 000 characters.
The suggestion is to update your code/configuration/infrastructure so it can support URLs up to 16k characters.
If you can't upgrade your infrastructure to support such length, you could wrap the request into a batch to overcome that limitation (the delta link will be in the body and not the request URL anymore)
Related
I am using /delta OneDrive APIs from Graph to sync files & folders for all the users in my organization.
According to the documentation:
There may be cases when the service can't provide a list of changes for a given token (for example, if a client tries to reuse an old token after being disconnected for a long time, or if server state has changed and a new token is required). In these cases, the service will return an HTTP 410 Gone error
There is no exact time-frame when the delta token is too old or expires.
Is there a particular time-frame after which the token is unusable in case of drive and we'll get the 410 error?
There is not defined time to live (TTL) for delta tokens, nor is the age the only factor in determining if the token is invalid. If there are substantial changes (i.e. substantial changes to the tenant and/or drive could cause it as well).
So long as your code is set up to handle a possible 410, you shouldn't see much impact from this. My general guidance would be to optimize for a "full resync" but comparing file metadata and only pulling or pushing files that have changed (i.e. compare name, path, size, dates, etc.).
I am using #GET("/beta/me/mailFolders/{parentFolderId}/messages") for getting messages from folder in users mailbox, can I get 5000 messages in one request when setting parameter $top=5000?
The limit is 1000, though that is not recommended. The recommended approach is to do 100 and use paging. The reason for this is that the more items you fetch in a single request, the longer that request takes and makes you more susceptible to timeouts and such.
I am currently working on an application that makes requests using the .NET SDK for the Microsoft Graph API. Specifically to retrieve information about users and their OneDrives.
Microsoft throttles API requests by returning an HTTP 429 status code, and I have implemented a back-off using the Retry-After header. I have noticed however that I seem to be getting throttled after only a handful of requests.
I have also been using Microsoft Graph Explorer to test some of my API calls and have noticed that I never seem to get a 429 response when accessing the API via that method. After also seeing reports of people having issues with the OneDrive client on Linux that they managed to work around by changing their User-Agent header, I thought maybe I needed to set a User-Agent for my requests.
The result is that it seems that if I set the User-Agent header to be something like Mozilla/5.0 then all the throttling issues seem to disappear. I have searched high and low and so far haven't managed to find any documentation on what a valid User-Agent should be, and I would prefer to avoid making my app impersonate a browser, so I wondered whether there was any guidance or documentation around that I might have missed?
For instance, a User-Agent of Mozilla/5.0 seems to result in no throttling, but MyApp/1.0 results in throttling.
There isn't any guidance on the User-Agent header and to be honest, I'm not sure why this would have any effect on throttling.
Throttling in Microsoft Graph is handled by the underlying service you're interacting with. For example, the /notes/ endpoint throttling is governed by OneNote while /messages is governed by Exchange.
In most cases, OneDrive will throttle by number of concurrent requests, per app, per user. So using Delegated permissions, your app should generally be able to concurrently upload 4 files without a problem. Any more than that and you will start to see 429 responses.
there are some best-practices from Microsoft to handle throttling:
https://learn.microsoft.com/en-us/sharepoint/dev/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online#how-to-decorate-your-http-traffic-to-avoid-throttling
you should decorate your http user-agent as following:
NONISV|CompanyName|AppName/Version
Identify as NONISV and include Company Name, App Name separated by a pipe character and then adding Version number separated with a slash character
or
ISV|CompanyName|AppName/Version
Identify as ISV and include Company Name, App Name separated by a pipe character and then adding Version number separated with a slash character
Goo.gl nicely mentions that you have a limit of 1.000.000 when using an API key.
https://developers.google.com/url-shortener/v1/getting_started
// Quotas:
By default, your registered project gets 1,000,000 requests per day for the URL Shortener API (see the Developers console for more details).
I can't find what the quota limits are when you "don't" use an API key.
The reason for this is, I could use the API key, but the server(s) will be set among various clients, and communicating in uncertain conditions where the API key could be sniffed. Aside that, OAuth would require user interaction, which wouldn't be acceptable in an automated process (which may not even haven a UI).
https://support.google.com/cloud/answer/6158857?hl=en
My expected usage would be maybe 10-20 / minute during peak hours, or max 1000 a day. Would this hit goo.gl's non API limits?
How large can a HTTP form parameter string be?
If I want to pass say a couple of pages worth of XML will a form parameter be ok? Or if not would I need to treat it as a file upload to be sure?
Thanks
Assuming you're sending the content via POST, rather than as part of the querystring in GET, there's no universal limit. Some servers may constrain POST requests to some specific size to reduce the risk of denial of service requests, but those limits are likely to be in 1-8 megabyte range on most server configurations.
As a developer, you'll probably be able to configure that limit if there is one; in Rails, the mechanism depends on what HTTP application server you're using. Mongrel sets it in a Const::MAX_BODY, I think.
File Upload is just a specially encoded POST request, so it won't have much effect on limits, if any.
If you're passing them in via that POST method, there is no limit.
If you're passing them in via a GET request, then the limit varies depending on the browser, proxy software, web server, and so on; you generally should make sure that you have less than 2000 characters in your URL as a whole, to be on the safe side (IE has a limit of 2048 characters in the path portion of the URL).
There is definitely a limit, both on client and server.
Limits are imposed by web browser
Maximum URL length is 2,083 characters in Internet Explorer
http://support.microsoft.com/kb/208427/en-us
In IIS Web Server default limit is 16,384 characters
See MaxFieldLength:
http://support.microsoft.com/kb/820129/en-us