The URI or path of a HTTP request doesn’t have any hard limits in terms of how long it’s allowed to be.
However, Browsers and search engines have limits, and on the server side it’s a good idea to limit the length of the URI to combat certain denial-of-service attacks or bugs.
Based on limits of browsers, it’s a good idea to try and not exceed 2000 bytes for the uri.
When a client does exceed it, the appropriate status code to return is
414 URI Too Long.
HTTP/1.1 414 URI Too Long Content-Type: text/html <p>Insufficient level of conciseness in request</p>
- RFC7231, Section 6.5.12 - 414 URI Too Long