Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Component/s: core, extras-executable-war
Labels:
- 2.176.3-rejected
Environment:
Jenkins 1.581, launched through the built in Jetty

Similar Issues:

Show
Released As:
Jenkins 2.184

Each time Jenkins (re)starts, its session-cookie name changes (ie JSESSIONID.some_random_string).

After a while, the browser have a bunch of session cookies, each one having a different name, causing the "Cookie" request header to be very long. The server returns a HTTP 413 response and a blank page. The user must clean his cookies in order to access Jenkins again.

Workaround: Since Jenkins 2.66 there are custom options for managing Jetty session IDs: https://github.com/jenkinsci/extras-executable-war/#jetty-session-ids

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

full_of_session_cookie.png
146 kB
2015-07-06 09:38
413_on_requests.png
144 kB
2015-07-06 09:38

is duplicated by

JENKINS-36880 WARNING: badMessage: 413 for HttpChannelOverHttp and WARNING: Header is too large >8192

Resolved

JENKINS-36993 Cookie header too long, causing a 413 HTTP error

Resolved

JENKINS-43927 Unable to login due to too many jsessionids creating a too large header

Resolved

JENKINS-45449 "Bad Message 431" everywhere

Closed

is related to

JENKINS-44894 Make Jetty Session ID configurable via System properties

Resolved

links to

acceptance-test-harness PR-497

CloudBees Internal OSS-2226

PR-3939

(4 links to)

Assignee:: Unassigned

Reporter:: Eric Citaire

Votes:: 44 Vote for this issue

Watchers:: 43 Start watching this issue

Created:: 2014-10-08 14:20

Updated:: 2023-07-05 12:30

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates