2 files changed, 8 insertions, 3 deletions

diff --git a/django/http/response.py b/django/http/response.py
index 763fd2a8ac..28b8fa6d36 100644
--- a/django/http/response.py
+++ b/django/http/response.py
@@ -21,7 +21,11 @@ from django.http.cookie import SimpleCookie
 from django.utils import timezone
 from django.utils.datastructures import CaseInsensitiveMapping
 from django.utils.encoding import iri_to_uri
-from django.utils.http import MAX_URL_LENGTH, content_disposition_header, http_date
+from django.utils.http import (
+    MAX_URL_REDIRECT_LENGTH,
+    content_disposition_header,
+    http_date,
+)
 from django.utils.regex_helper import _lazy_re_compile
 
 _charset_from_content_type_re = _lazy_re_compile(
@@ -615,9 +619,9 @@ class HttpResponseRedirectBase(HttpResponse):
         super().__init__(*args, **kwargs)
         self["Location"] = iri_to_uri(redirect_to)
         redirect_to_str = str(redirect_to)
-        if len(redirect_to_str) > MAX_URL_LENGTH:
+        if len(redirect_to_str) > MAX_URL_REDIRECT_LENGTH:
             raise DisallowedRedirect(
-                f"Unsafe redirect exceeding {MAX_URL_LENGTH} characters"
+                f"Unsafe redirect exceeding {MAX_URL_REDIRECT_LENGTH} characters"
             )
         parsed = urlparse(redirect_to_str)
         if parsed.scheme and parsed.scheme not in self.allowed_schemes:
diff --git a/django/utils/http.py b/django/utils/http.py
index 244ff7e866..0804937f38 100644
--- a/django/utils/http.py
+++ b/django/utils/http.py
@@ -48,6 +48,7 @@ ASCTIME_DATE = _lazy_re_compile(r"^\w{3} %s %s %s %s$" % (__M, __D2, __T, __Y))
 RFC3986_GENDELIMS = ":/?#[]@"
 RFC3986_SUBDELIMS = "!$&'()*+,;="
 MAX_URL_LENGTH = 2048
+MAX_URL_REDIRECT_LENGTH = 16384
 
 # TODO: Remove when dropping support for PY38.
 # Unsafe bytes to be removed per WHATWG spec.