Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] HTTP header truncated

From: Alexander Koeppe <format_c@xxxxxxxxx>
Date: Sat, 16 Apr 2011 02:10:27 +0200
Am 15.04.2011 22:20, schrieb Sake Blok:
> On 14 apr 2011, at 22:46, Chris Maynard wrote:
> 
>> Alexander Koeppe <format_c@...> writes:
>>
>>> If I click on the field, the complete data is being selected in the
>>> bytes view. But in the detail view (where I clicked on) the word
>>> [truncated] is prepended.
>>>
>>> Question: Can I increase that "limit" over the GUI or ony withing the
>>> source code?
>>> I already had a look but didn't found the position where this truncation
>>> is being performed.
>>>
>>> So would be great if you guys could give me a short hint.
>>
>> The limitation is imposed by ITEM_LABEL_LENGTH, currently defined in
>> epan/proto.h as 240.  
> 
> (and now without premature sending)
> 
> A workaround without having to recompile Wireshark might be one of these options:
> 
> - Use follow TCP stream to get the full Authentication header
> - Use rightclick -> copy -> value and then paste in a separate text file
> 
> Cheers,
> 
> 
> Sake
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
> 
Thanks Sake,

But you maybe also know vendor's support people.
If they see a "truncated" they even don't believe anything.
If they see nothing, they believe everything.

I'll go the recompile way and increase the value of ITEM_LABEL_LENGTH
(thanks to Chris). it's not so costy for me.

Cheers Alex