Strange error on chrome on high cookie count

Question

Strange error on chrome on high cookie count

diegosuarez opened this issue 4 years ago · 3 comments

diegosuarez commented 4 years ago

This bug is very weird, so I'll try to explain as best as I can:

Expected Behavior

Hitch would have to serve the request correctly.

Current Behavior

Chrome gives a ERR_HTTP2_PROTOCOL_ERROR. Latest Hitch doesn't log anything.

Possible Solution

Cleaning cookies or having them below ~ 48 makes Hitch behave normally.

Steps to Reproduce (for bugs)

This bug is not reproducible via cURL, so diagnosing it isn't easy. You have to use Chrome browser (any version tested has the problem, but 90.0.4430.72 is what I've just tested.
1.- Acumulate over 48 cookies on the same page. I tested it using mod_header and sending a Cookie header with the value

a0=0;a1=1;a2=2;a3=3;a4=4;a5=5;a6=6;a7=7;a8=8;a9=9;a10=10;a11=11;a12=12;a13=13;a14=14;a15=15;a16=16;a17=17;a18=18;a19=19;a20=20;a21=21;a22=22;a23=23;a24=24;a25=25;a26=26;a27=27;a28=28;a29=29;a30=30;a31=31;a32=32;a33=33;a34=34;a35=35;a36=36;a37=37;a38=38;a39=39;a40=40;a41=41;a42=42;a43=43;a44=44;a45=45;a46=46;a47=47;a48=48;a49=49;a50=50;a51=51;a52=52;a53=53;a54=54;a55=55;a56=56;a57=57;a58=58;a59=59;a60=60;a61=61;a62=62;a63=63;

Since a client reported it to us with a normal navigation, is not a thing from the chrome extension

2.- Try to access any hitch served site. I've tried against https://hitch-tls.org/ and bug is reproducible. Bug does not occur if you do the same request against any nginx server via HTTP2

Context

Since we're trying to migrate from nginx to hitch, one of our customers send us a picture that showed the chrome http2 error. After debugging it some time, we tested with different lengths of cookie and different cookie number, and we got that error happens when you have about ~48 ';' characters in the header.

Your Environment

Version used: hitch > 1.5.0
Operating System and version: Ubuntu Linux 20.10, Debian10, Windows 10. Chrome 90.0.4430.72 between others, https://bewisse.com/modheader/help/ extension (but not necessary, happens without it)

Answer 1 · 2021-04-26T15:57:33.000Z

Hitch does not inspect L7 traffic, this is likely a problem on your web server behind hitch. If it's Varnish, you may reach a limit like http_req_hdr_len if your 48 cookies exceed the default 8kB value.

Answer 2 · 2021-04-26T16:04:46.000Z

Hi Dridi,

It must be Varnish then. Since is Varnish Enterprise, I'll close this bug and I will follow this conversation via ticket in zendesk.

Answer 3 · 2021-04-26T16:05:53.000Z

Alternatively, because HTTP/2 mandates to have one cookie per header instead of one header for all cookies this is probably exceeding the default http_max_hdr of 64, combined with other headers.