Request Header Fields Too Large
ggianfran opened this issue · comments
Hi, I am running ladder behind a traefik reverse proxy with an Authentik ForwardAuth middleware.
When I open the app to the base url, I get the following error: Request Header Fields Too Large
None of my other forwardauth applications experience this. Is it something in my configuration possibly?
Chrome console returns this: Failed to load resource: the server responded with a status of 431 ()
I am running ladder in a container
Hi
I'm pretty sure there is nothing wrong with your setup. I've seen this with my binaries on localhost too.
This is caused by accumulating cookies over multiple sites. Deleting cookies for the domain you're running ladder on should solve your problem.
But we need a more sustainable solution. I've currently no idea. Maybe scoping the cookies to subpaths.
Seems like traefik has a 1MB header size hard limit (which comes from the go std lib) traefik/traefik#8846
What if we just strip the Set-Cookie header on every upstream request? Many soft paywall services track how many articles you’ve read in cookies or local storage, so this could solve two problems at once.
Another idea: inject JS into the HTML that monkey patches document.cookie with a dummy function to prevent JS from setting cookies as well. Could do the same with localStorage APIs, but not sure how often that's being used to trigger paywalls.
Or just empty it downstream by setting Cookie to empty string
https://github.com/everywall/ladder/blob/main/handlers/proxy.go#L93
The javascript of the current site might still write some cookies, but they are not forwarded and reset to "" with the next request.
Not sure why but I seem to still be getting these errors, on v0.0.21. I have to constantly clear cookies from local storage. Anyone else?
I did a fresh install with docker and had the same error behind Traefik. As a workaround, I am preventing the ladder subdomain from reading cookies in the browser config, and it works. Not sure if that is going to break functionality.
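The two server-side ideas raised in this thread (dropping `Set-Cookie` from upstream responses and clearing `Cookie` before forwarding) can be sketched with Go's standard `net/http/httputil` reverse proxy. This is an added example, not ladder's code: `NewCookielessProxy`, `Roundtrip` and the cookie names and values are hypothetical and constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
)

// NewCookielessProxy (hypothetical helper, not ladder's code) proxies to
// upstream and carries no cookie state in either direction.
func NewCookielessProxy(upstream *url.URL) *httputil.ReverseProxy {
	p := httputil.NewSingleHostReverseProxy(upstream)
	direct := p.Director
	p.Director = func(r *http.Request) {
		direct(r)
		r.Host = upstream.Host
		r.Header.Del("Cookie") // proxy-domain cookies never reach the upstream
	}
	p.ModifyResponse = func(resp *http.Response) error {
		// Upstream cookies are never stored under the proxy's own domain, so
		// they cannot accumulate across proxied sites and inflate later requests.
		resp.Header.Del("Set-Cookie")
		return nil
	}
	return p
}

// Roundtrip sends one request carrying a constructed browser cookie through
// the proxy to a constructed upstream and reports what each side received.
func Roundtrip() (seen string, setCookies []string, err error) {
	up := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		seen = r.Header.Get("Cookie")
		http.SetCookie(w, &http.Cookie{Name: "articles_read", Value: "3"}) // constructed
	}))
	defer up.Close()
	u, _ := url.Parse(up.URL)
	front := httptest.NewServer(NewCookielessProxy(u))
	defer front.Close()
	req, _ := http.NewRequest("GET", front.URL, nil)
	req.Header.Set("Cookie", "session=constructed-value")
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return seen, nil, err
	}
	resp.Body.Close()
	return seen, resp.Header.Values("Set-Cookie"), nil
}

func main() { fmt.Println(Roundtrip()) }
```

Header stripping only covers cookies set over HTTP; cookies written by page JavaScript are still stored in the browser and sent to the proxy, so the request that reaches Traefik can still grow even though nothing is forwarded upstream.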