By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

400 error: request header or cookie too large for nginx

0

Hello,

I am trying to run a website on elastic beanstalk. It's a node js / express app. I have uploaded the code to github, connected to it through code pipeline, then connected a beanstalk environment to the code pipeline. Also, I connected the custom domains example.com and www.example.com to the beanstalk environment through two A records in route 53.

When I click on the beanstalk domain http://exampleapp-env.abc-123456.us-east-1.elasticbeanstalk.com/ it says 400 Bad request. Request header or cookie too large. nginx. When I run curl -I http://example.com it says Content-Length: 226. This is also what it says in F12. I tried to look up the max request header size for nginx, and it said 4K - 8K ?

Also, I am creating a cookie in my app.js file with response.cookie but the maxAge is only 10000 which is only 10 seconds. Also this is the response, not the request ?

When I go to the EC2 instance that the beanstalk environment created and click on the public and private ipv4 addresses it just says xx.xx.xx.xx took too long to respond.

When I go to the actual domain example.com in the browser it also says 400 Bad request. Request header or cookie too large. nginx.

Under Configuration > Environment properties I have an environment variable PORT with value 80 because according to this article you should use 80. But I looked at the error logs in the beanstalk environment and under /var/log/web.stdout.log it says Error: listen EACCES: permission denied 0.0.0.0:80.

Could someone please help me with this?

Topics
Compute
Tags
Website ProvisioningAWS Elastic BeanstalkAmazon EC2
Language
English
Jeff F
asked 10 months ago1330 views
1 Answer
1
Accepted Answer

Hi, on your first point, Content-Length doesn't include cookies. See https://stackoverflow.com/questions/2773396/whats-the-content-length-field-in-http-header.

On max cookie size for Application Load Balancer, it's 16K. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html on sticky sessions

Since most browsers limit cookies to 4K in size, the load balancer shards 
application cookies greater than 4K into multiple cookies. Application 
Load Balancers support cookies up to 16K in size and can therefore create up to 4 shards that 
it sends to the client

Your error message says "Request header or cookie too large", so what is the content of your request sent when you click?

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 10 months ago
  • Jeff F
    10 months ago

    I realized that it had to do with trying to configure my site for https connections. I ended up figuring it out, mostly, but it had to do with deeper issues.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content