Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25046

Cookie header too long, causing a 413 HTTP error

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      Jenkins 2.184

      Description

      Each time Jenkins (re)starts, its session-cookie name changes (ie JSESSIONID.some_random_string).

      After a while, the browser have a bunch of session cookies, each one having a different name, causing the "Cookie" request header to be very long. The server returns a HTTP 413 response and a blank page. The user must clean his cookies in order to access Jenkins again.

       

      Workaround: Since Jenkins 2.66 there are custom options for managing Jetty session IDs: https://github.com/jenkinsci/extras-executable-war/#jetty-session-ids

        Attachments

          Issue Links

            Activity

            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            https://github.com/jenkinsci/jenkins/pull/3939 was integrated and released in 2.184. I marked it as the LTS candidate, but I am not sure it will be considered for backporting by Oliver Gondža talking the rebase issues in the pull request. Whomever is interested, please feel free to suggest a clean pull request against the LTS branch

             

            Show
            oleg_nenashev Oleg Nenashev added a comment - https://github.com/jenkinsci/jenkins/pull/3939  was integrated and released in 2.184. I marked it as the LTS candidate, but I am not sure it will be considered for backporting by Oliver Gondža talking the rebase issues in the pull request. Whomever is interested, please feel free to suggest a clean pull request against the LTS branch  
            Hide
            jameshowe James Howe added a comment -

            This looks like it might be back in 2.303.1

            Clearing cookies (of which there were many) fixed it.

            Show
            jameshowe James Howe added a comment - This looks like it might be back in 2.303.1 Clearing cookies (of which there were many) fixed it.
            Hide
            matthias_glastra Matthias Glastra added a comment -

            I recognize what you are saying. We are having a loop in our SSO login procedure and if we remove the Cookie mentioned here it works again. This is with LTS 2.319.2.

            Show
            matthias_glastra Matthias Glastra added a comment - I recognize what you are saying. We are having a loop in our SSO login procedure and if we remove the Cookie mentioned here it works again. This is with LTS 2.319.2.
            Hide
            jsoref Josh Soref added a comment -

            File a new ticket. Provide a lot of information.

            Please leave me out if it.

            Show
            jsoref Josh Soref added a comment - File a new ticket. Provide a lot of information. Please leave me out if it.
            Hide
            matthias_glastra Matthias Glastra added a comment -

            Sure no problem. Sorry bringing it up.

            Show
            matthias_glastra Matthias Glastra added a comment - Sure no problem. Sorry bringing it up.

              People

              Assignee:
              jsoref Josh Soref
              Reporter:
              ericcitaire Eric Citaire
              Votes:
              39 Vote for this issue
              Watchers:
              43 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: