I am currently managing an Open OnDemand instance in my institution, and we keep seeing this error come up:
# Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.
The error is not persistent. It comes up every once in a while. If you open OnDemand from an incognito tab or new browser it works. Also, if you try again with the problematic browser hours after, it works. I am so confused.
Any idea why this is happening? Any idea how to get around it?
Hello! It sounds like this is something that would show up in the Apache logs (Logging — Open OnDemand 3.1.0 documentation) - Is it possible for you to catch this in your error logs and share that?
I did not find anything useful in the logs. In fact, my account’s access.log/error.log were blank. No error/access gzip files were generated with today’s date.
OK, after some research, I’ve found this has to do with the number of cookies being sent via request headers. You can use oidc_state_max_number_of_cookies to increase this limit. You can read more about the variable that’s being set here: mod_auth_openidc/auth_openidc.conf at master · OpenIDC/mod_auth_openidc · GitHub and definitely let me know if you have more questions.
Edit: Forgive me, I misspoke - you want to decrease the max number of cookies so that the header size is smaller.
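To confirm that accumulated state cookies are what pushes a request over the limit, the following added example (not part of the original thread) sizes a Cookie header copied from the browser's dev tools against Apache's default LimitRequestFieldSize of 8190 bytes. It assumes mod_auth_openidc's default `mod_auth_openidc_state_` cookie name prefix; the sample header and its cookie sizes are constructed.

```python
# Added diagnostic example; not code from Open OnDemand or mod_auth_openidc.
APACHE_DEFAULT_FIELD_LIMIT = 8190  # Apache httpd LimitRequestFieldSize default (bytes)
STATE_PREFIX = "mod_auth_openidc_state_"  # assumed default state-cookie name prefix


def analyze_cookie_header(value, limit=APACHE_DEFAULT_FIELD_LIMIT):
    """Summarise a raw Cookie header value (the text after 'Cookie: ')."""
    cookies = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, _ = part.partition("=")
        cookies.append((name, len(part.encode("utf-8"))))
    state = [(n, size) for n, size in cookies if n.startswith(STATE_PREFIX)]
    # Approximation: the field name counts towards the limit along with the value.
    total = len(("Cookie: " + value).encode("utf-8"))
    return {
        "header_bytes": total,
        "limit": limit,
        "over_limit": total > limit,
        "cookie_count": len(cookies),
        "state_cookie_count": len(state),
        "state_cookie_bytes": sum(size for _, size in state),
        "largest": sorted(cookies, key=lambda c: c[1], reverse=True)[:3],
    }


def sample_header(n_state, state_len=900):
    """Constructed sample: one session cookie plus n_state leftover state cookies."""
    parts = ["mod_auth_openidc_session=" + "s" * 36]
    parts += [f"{STATE_PREFIX}{i:04d}=" + "x" * state_len for i in range(n_state)]
    return "; ".join(parts)


if __name__ == "__main__":
    # Compare the two oidc_state_max_number_of_cookies values from the thread.
    for n in (10, 5):
        r = analyze_cookie_header(sample_header(n))
        print(f"{n} state cookies: {r['header_bytes']} bytes "
              f"(limit {r['limit']}), over_limit={r['over_limit']}")
```

Replace `sample_header(n)` with the Cookie value from a failing request to see how many state cookies the affected browser is holding and how much of the header they occupy.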
Sorry to loop back in way later. Original solution somewhat worked, with a caveat.
I took your previous advice, and lowered the number of oidc_state_max_number_of_cookies from 10 to 5. This made the error less prevalent, but it still comes up every once in a while. Can you tell me more about the effect of this variable?
If I lower it all the way down to 1, how would the user’s experience get affected?