Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid cookie value #2513

Closed
seemsindie opened this issue Apr 24, 2015 · 14 comments

Comments

@seemsindie
Copy link

commented Apr 24, 2015

I have a blank server running with just , and it's working fine. But when i forward the port trough NAT because i have server listening inside VM and when i try to access the API on the host machine i get this:
{"statusCode":400,"error":"Bad Request","message":"Invalid cookie value"}

Any idea why is this happening, and how to fix it?

@edimoldovan

This comment has been minimized.

Copy link

commented Apr 24, 2015

Looks like a validation error, at least I get similar responses when validation fails. Do you have any kind of request validation in there?

@seemsindie

This comment has been minimized.

Copy link
Author

commented Apr 24, 2015

nope, just this:
server.route({
method: 'GET',
path: '/',
handler: function(req, res) {
res('Hello World!');
}
});

@edimoldovan

This comment has been minimized.

Copy link

commented Apr 24, 2015

Just tried your code, works perfectly here. Can you post the rest of your app.js?

@MathieuLoutre

This comment has been minimized.

Copy link
Contributor

commented Apr 24, 2015

I've seen that before and I'm not sure what's exactly happening (although nothing as complex as port forwarding was needed, just a simple server). The server wasn't even using any cookie related thing explicitly (no cookie auth etc.). Can you try in an incognito window?
I suspect a malformed cookie has been set somehow and hapi can't deal with it.

@seemsindie

This comment has been minimized.

Copy link
Author

commented Apr 24, 2015

@edimoldovan
var Hapi = require('hapi');

var server = new Hapi.Server();
server.connection({ port: 3000 });
server.route({
method: 'GET',
path: '/',
handler: function(req, res) {
res('Hello World!');
}
});

server.start(function () {
console.log('Server running at:', server.info.uri);
});

But there is no issue on the host machine, but where the port is forwarded.

@MathieuLoutre Yes, it works in incognito, do you know witch cookie is the issue?

@MathieuLoutre

This comment has been minimized.

Copy link
Contributor

commented Apr 24, 2015

@seemsindie no clue. But if you find out, I'm interested!

@seemsindie

This comment has been minimized.

Copy link
Author

commented Apr 24, 2015

@MathieuLoutre i have another project on same domain 'localhost', and that project have two cookies, tr and tr_tkn. Can i somehow turn off cookie parsing, or if i can parse what i just want?

@MathieuLoutre

This comment has been minimized.

Copy link
Contributor

commented Apr 24, 2015

Hum, I'm not 100% sure as I haven't done it myself, but I'd look here: https://github.com/hapijs/hapi/blob/master/API.md#route.config.state

@seemsindie

This comment has been minimized.

Copy link
Author

commented Apr 24, 2015

@MathieuLoutre Yep, i just added

config: {
      state: {
        parse: false, // parse and store in request.state
        failAction: 'ignore' // may also be 'ignore' or 'log'
      }
    }

to the route and it's working.
Thanks man!

@seemsindie seemsindie closed this Apr 24, 2015

@MathieuLoutre

This comment has been minimized.

Copy link
Contributor

commented Apr 24, 2015

Nice! Happy that we found a solution :)

@danielb2

This comment has been minimized.

Copy link
Contributor

commented Dec 29, 2015

This happens at least when there's a space in the cookie. When dealing with legacy code and migration, this can be an issue. Should hapi really fail completely here?

@stefanwille

This comment has been minimized.

Copy link

commented Sep 9, 2016

I just got the same error on a freshly installed Hapi with the "hello" example from the homepage. After adding the config to the route by Mathieu it worked. Not a good experience.

It still worked after deleting all my cookies for the domain (which was localhost).

@vv13

This comment has been minimized.

Copy link

commented Dec 7, 2016

thank u very much.

@george-norris-salesforce

This comment has been minimized.

Copy link

commented Jul 25, 2019

Wait, you have to ignore a "failAction" to make cookies work? Is there another way?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
7 participants
You can’t perform that action at this time.