Incorrect message: Unable to send the cookie. Maximum number of cookies would be exceeded

[ihor-sviziev]

Previously this issue was reported in #7931 and #16568, but no one was able to reproduce it.

Preconditions

1. Magento 2.2.5 installed via composer

Steps to reproduce

1. Open desktop browser Firefox
2. Navigate to about:config
3. Find "dom.storage.enabled" option and change to "false"
4. Navigate to Magento 2.2.5 (frontend), open developer tools >> Storage >> Cookies and look at list (there are 33 cookies)
   
5. Duplicate tab (open the same page in another page) - you will have 43 cookies.
   
6. Try to duplicate tab again - you will have 52 cookies.
   

Expected result

1. Cookies list should not grow such fast

Actual result

1. We can take more then 50 cookies that leads to exception that described in Unable to send the cookie. Maximum number of cookies would be exceeded #7931 and local/session storage is mismanaged, particularly when it doesn't exist #16568

Tech note

I investigated issue described in #16568 and found that we have 2 different polyfill implementaions for localStorage and sessionStorage:

1. Added to page html (https://github.com/magento/magento2/blob/2.2-develop/app/code/Magento/Theme/view/frontend/templates/js/polyfill.phtml)
2. As part of jquery.storageapi library - https://github.com/magento/magento2/blob/2.2-develop/lib/web/jquery/jquery.storageapi.min.js

These implementation are fully different. 1st one works good, but 2nd one adds strange behavior - adds separate cookie with ls_ prefix in name for each item that should be stored in localstorage and ss_<some_id>_ for session storage. As result - when customer goes through website - it will add new and new cookies (because of this strange ss_<some_id>_ prefix).

Sometimess, we're having 2nd implementation used instead of 1st one.

[magento-engcom-team]

Hi @ihor-sviziev. Thank you for your report.
To help us process this issue please make sure that you provided the following information:

• Summary of the issue
• Information on your environment
• Steps to reproduce
• Expected and actual results

Please make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, please, add a comment to the issue:

@magento-engcom-team give me {$VERSION} instance

where {$VERSION} is version tags (starting from 2.2.0+) or develop branches (2.2-develop +).
For more details, please, review the Magento Contributor Assistant documentation.

@ihor-sviziev do you confirm that you was able to reproduce the issue on vanilla Magento instance following steps to reproduce?

• yes
• no

[ghost]

@ihor-sviziev, thank you for your report.
We've acknowledged the issue and added to our backlog.

[convenient]

If a customer ends up with 50 or more cookies for whatever reason then they're basically locked out until they clear their browser cookies correct?

If the above is correct then I'm toying with the idea whether it would it be sensible to automatically wipe all the customers cookies when this error occurs and the exception is thrown

• Either way the customer won't get browsing until they clear their cookies
• Doing so automatically will annoy the customer by logging them out, but not so bad as never being able to reliably browse the site again.
• Even in this day and age many customers do not know how to clear their cookies, so this lowers the barrier of recovery and makes these errors a little less catastrophic.
• I believe the 2.2 series has improved new relic logging of reports so this would still be caught and tracked, easily identified when instances of "i was randomly logged out" are reported.

Obviously we should focus on fixing the core magento bug, but I've just seen this error caused by some rogue GTM code creating cookies in a loop and was wondering on how to make this error a little less cataclysmic.

Just a thought ¯\(ツ)/¯

[ihor-sviziev]

Hi @convenient,
I investigated this issue deeper and found that in 1598c0f#diff-69abf748a729353f99cd623615fecd9dR206 throwing an exception was changed to logging, but message was not updated. Magento CAN set more than 50 cookies, but just writing quite big list of messages "Unable to send the cookie. Maximum number of cookies would be exceeded" in logs, that is confusing people.

I think proper fix will be just updating logged message

[convenient]

Interesting. Should magento be allowing that many cookies to be set? It's getting very close to the max limit for some browsers which could result in undefined behaviour.

[ihor-sviziev]

@convenient i checked, m1 websites works good even with 80+ cookies in IE and another browsers, so it's not a big deal

[JosephMaxwell]

We are running into this on a customer's website. Has anyone come up with a decent interim solution?

[adamj88]

@JosephMaxwell there's a constant here you can increase with a patch in the interim: https://github.com/magento/magento2/blob/2.3-develop/lib/internal/Magento/Framework/Stdlib/Cookie/PhpCookieManager.php#L32

[ihor-sviziev]

Hi,

I investigated this issue more deeper. Previously magento was throwing an exception with message "Unable to send the cookie. Maximum number of cookies would be exceeded.", but after 369c963#diff-69abf748a729353f99cd623615fecd9dR210 - it's just logging of such situation, but cookies are actually sending and no real issue there. This commit was included in Magento 2.2.0, also applied in 2.3.0

It seems like situation much less critical than I thought, just incorrect message is logged here.

So no need to change any constants, you can just ignore such messages, it will not affect production anyhow.

[giangnv95]

I got the same problem on magento 2.3.2, Is there any fix from Magento or contributors ?

[ihor-sviziev]

As I said above - it’s absolutely not critical issue, it could be ignored. What’s wrong there - message

…

On Wed, Aug 28, 2019 at 06:04 giangnv95 ***@***.***> wrote: I got the same problem on magento 2.3.2, Is there any fix from Magento or contributors ? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17195?email_source=notifications&email_token=AAOJOUNDQG4PGAUIUWR3ZPDQGXTLTA5CNFSM4FMOBE32YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5JXSUI#issuecomment-525564241>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAOJOUM4QXHWGZ7TSYXSQHLQGXTLTANCNFSM4FMOBE3Q> .

[giangnv95]

@ihor-sviziev Thanks for reply, cause it's just a warning mess, I also think I can ignore it :)
I just asking again to make sure I don't miss anything valuable 👍

[ahmadalkaid]

Dears,
The issue still there, even when we are in the production mode. I had to override the file to fix it. I am using:
Magento 2.3
PHP 7.1.33
So could anyone help here?

Thanks,

• Kaid

[FerihumF]

Same issue on 2.2.7.

[n2diving-dgx]

Same issue on 2.3.4

[ihor-sviziev]

Seems like this issue should reproduce much less as it not creating cookies for translations anymore.
Related changes:
on frontend 71c781d
on backend #27364.

[slavvka]

Hi @ihor-sviziev. Thank you for your report.
The issue has been fixed in #27364 by @ihor-sviziev in 2.4-develop branch
Related commit(s):

• 72567f6b7388a4e762da3ad9c3d96733b8f01e62

The fix will be available with the upcoming 2.4.1 release.