Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Domain is inappropriate based on request URI hostname #120

Open
iDiogenes opened this issue Jul 21, 2014 · 7 comments

Comments

@iDiogenes
Copy link

commented Jul 21, 2014

I have been getting the error: "Domain is inappropriate based on request URI hostname" when trying to subscribe to SFDC's streaming API. This started to occur right after they did their Summer'14 upgrade. Anyway else getting this problem?

@sallustfire

This comment has been minimized.

Copy link

commented Jul 22, 2014

I've encountered this problem as well, and have done a bit of investigating. It appears that the cookie domain value is conflicting with the request_uri in cookie jar. Salesforce is setting the cookie domain as ".salesforce.com" which will not match the corresponding request domain according to RFC 2109.

The value for the Domain attribute contains no embedded dots or does not start with a dot.
Examples:

  • A Set-Cookie from request-host y.x.foo.com for Domain=.foo.com would be rejected, because H is y.x and contains a dot.

The following code reproduces the error. I suspect that Salesforce updated their API to be RFC 6265 compliant, but cookie jar does not support that RFC yet.

request_uri = Addressable::URI.parse("https://stepsaway--IMT.cs16.my.salesforce.com/cometd/26.0")
jar = CookieJar::Jar.new
jar.set_cookie(request_uri, "BrowserId=DShd3_TnQF2IMrMf85VyZw;Path=/;Domain=.salesforce.com;Expires=Sat, 20-Sep-2014 17:44:51 GMT")
@mshoaibiqbal

This comment has been minimized.

Copy link

commented Jul 23, 2014

I have the same error "CookieJar::InvalidCookieError: Domain is inappropriate based on request URI hostname". Here is my test code.

task :test => :environment do
curr_config = YAML::load(File.open(file_path))
# Initialize a client with your username/password/oauth token/etc.
client = Restforce.new :username => curr_config["username"],
:password => curr_config["password"],
:security_token => curr_config["security_token"],
:client_id => curr_config["client_id"],
:client_secret => curr_config["client_secret"],
:host => curr_config["host"],
:api_version => '30.0'
client.create! 'PushTopic', {
ApiVersion: '30.0',
Name: 'AllAccounts',
Description: 'All account records',
NotifyForOperationUpdate: true,
NotifyForFields: 'All',
Query: "select Id,Name from Account"
}
EM.run {
# Subscribe to the PushTopic.
client.subscribe 'AllAccounts' do |message|
puts message.inspect
end
}
end

@mshoaibiqbal

This comment has been minimized.

Copy link

commented Jul 23, 2014

iDiogenes need to think a hack with cookiejar. Just add the following line in your Gem and this will solve your problem.
gem "cookiejar", :git => "https://github.com/MissionCapital/cookiejar.git"

@iDiogenes

This comment has been minimized.

Copy link
Author

commented Jul 24, 2014

@mshoaibiqbal I opened a ticket with SalesForce to find out what had changed. The support person informed me that there was a change to the cookie header, but didn't tell me the specifics. This gives further credence to @sallustfire claim about the RFC adjustment. SF support is looking into the details for me and once I hear back from him I will post what I find. Thanks for the patch, but I just did a money patch of that method to circumvent the error.

Out of curiosity what SF instance are you user? I am really surprised more people are not upset over this issue. I am on NA15.

@iDiogenes

This comment has been minimized.

Copy link
Author

commented Jul 24, 2014

Just as a point of note for the issue and as reflected in @mshoaibiqbal version of the cookie jar gem, the fix is to comment out the calling of the domains_match method in the CookieValidation module of the cookiejar gem.

  # The request-host is a HDN (not IP address) and has the form HD,
  # where D is the value of the Domain attribute, and H is a string
  # that contains one or more dots.
  #unless domains_match cookie_host, uri
  #  errors << "Domain is inappropriate based on request URI hostname"
  #end
@mshoaibiqbal

This comment has been minimized.

Copy link

commented Jul 24, 2014

@iDiogenes , I am on NA3

@phereford

This comment has been minimized.

Copy link

commented Mar 6, 2017

I just experienced this issue when they transferred our salesforce environment from na11 to something else.

@mshoaibiqbal suggestion worked for us.

pre added a commit to smartlyio/cookiejar that referenced this issue May 17, 2018

MONKEY PATCH: Remove check which fails with .domain.com cookies
There has been an open issue in cookiejar Gem since 2014.
The project seems unmaintained, but it's used by the faye gem.

References:
* restforce/restforce#120
* dwaite#19
* dwaite#23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.