Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25046

Cookie header too long, causing a 413 HTTP error

    XMLWordPrintable

Details

    • Jenkins 2.184

    Description

      Each time Jenkins (re)starts, its session-cookie name changes (ie JSESSIONID.some_random_string).

      After a while, the browser have a bunch of session cookies, each one having a different name, causing the "Cookie" request header to be very long. The server returns a HTTP 413 response and a blank page. The user must clean his cookies in order to access Jenkins again.

       

      Workaround: Since Jenkins 2.66 there are custom options for managing Jetty session IDs: https://github.com/jenkinsci/extras-executable-war/#jetty-session-ids

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-36880 WARNING: badMessage: 413 for HttpChannelOverHttp and WARNING: Header is too large >8192

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-36993 Cookie header too long, causing a 413 HTTP error

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-43927 Unable to login due to too many jsessionids creating a too large header

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-45449 "Bad Message 431" everywhere

          • Major - Major loss of function.
          • Closed
          is related to

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-44894 Make Jetty Session ID configurable via System properties

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link acceptance-test-harness PR-497

          Web Link CloudBees Internal OSS-2226

          Web Link PR

          Web Link PR-3939

          Activity

            Ascending order - Click to sort in descending order
            View 47 older comments
            jsoref Josh Soref added a comment -

            A change to that code would be a significant behavior change and would not have the same summary as this ticket. 

            jsoref Josh Soref added a comment - A change to that code would be a significant behavior change and would not have the same summary as this ticket. 
            bizdelnick Dmitry Mikhirev added a comment -

            > The code fix did work and was fine for more than enough time.
            Again, it is not a fix, it is just a workaround that does not work with default settings.

            > A change to that code would be a significant behavior change and would not have the same summary as this ticket.
            It is not a significant change, just adding couple lines of code. Try to load a stored ID, if not successful generate a new one and store it.

            bizdelnick Dmitry Mikhirev added a comment - > The code fix did work and was fine for more than enough time. Again, it is not a fix, it is just a workaround that does not work with default settings. > A change to that code would be a significant behavior change and would not have the same summary as this ticket. It is not a significant change, just adding couple lines of code. Try to load a stored ID, if not successful generate a new one and store it.
            bizdelnick Dmitry Mikhirev added a comment -

            reopen

            bizdelnick Dmitry Mikhirev added a comment - reopen
            markewaite Mark Waite added a comment -

            bizdelnick as requested by jsoref, please open a new issue. Reopening this issue is not helping you get a fix and is not helping others.

            I am acting in my role as a member of the Jenkins board by making this request. I believe that the request from Josh to open a new ticket is reasonable.

            markewaite Mark Waite added a comment - bizdelnick as requested by jsoref , please open a new issue. Reopening this issue is not helping you get a fix and is not helping others. I am acting in my role as a member of the Jenkins board by making this request. I believe that the request from Josh to open a new ticket is reasonable.
            bizdelnick Dmitry Mikhirev added a comment -

            I won't stop reopening this issue. There were issues opened by other users about this bug that were closed as duplicates of this one, so I conclude filing a new issue does not work.
            The bug, reported here, was not fixed. The provided workaround "if you don't want this happen to you, go change your system properties" is not acceptable.

            bizdelnick Dmitry Mikhirev added a comment - I won't stop reopening this issue. There were issues opened by other users about this bug that were closed as duplicates of this one, so I conclude filing a new issue does not work. The bug, reported here, was not fixed. The provided workaround "if you don't want this happen to you, go change your system properties" is not acceptable.

            People

              Unassigned Unassigned
              ericcitaire Eric Citaire
              Votes:
              41 Vote for this issue
              Watchers:
              41 Start watching this issue

              Dates

                Created:
                Updated: