Set-Cookie header is ignored

[harel-tussi]

Bug report

Describe the bug

Set-Cookie header is ignored in response from url: http://localhost:3000/auth/sign-in. The combined size of the name and value must be less than or equal to 4096 characters.

To Reproduce

Use the new supabase/ssr package

import { createServerClient, type CookieOptions } from "@supabase/ssr";
import { cookies } from "next/headers";

export const createClient = (cookieStore: ReturnType<typeof cookies>) => {
  return createServerClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL!,
    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
    {
      cookies: {
        get(name: string) {
          return cookieStore.get(name)?.value;
        },
        set(name: string, value: string, options: CookieOptions) {
          try {
            cookieStore.set({ name, value, ...options });
          } catch (error) {
            // The `set` method was called from a Server Component.
            // This can be ignored if you have middleware refreshing
            // user sessions.
          }
        },
        remove(name: string, options: CookieOptions) {
          try {
            cookieStore.delete({ name, ...options });
          } catch (error) {
            // The `delete` method was called from a Server Component.
            // This can be ignored if you have middleware refreshing
            // user sessions.
          }
        },
      },
    }
  );
};

Expected behavior

Should be able to set the cookie

[rajeshdavidbabu]

Just faced this bug today where my Github OAuth stopped working !

But I think it could be related to user-browser

[spaghetti-coder-yyz]

Having this issue as well - I'm not sure what happened, it was working and then stopped. Isolated tests also have this error:

[ShlomiKo]

Having the same issue with Facebook login, Google login works great but facebook loogin fails and the cookie error is showing in the console

[orenaksakal]

afaik this is fixed here https://github.com/supabase/auth-helpers/pull/669/files

[dvvolynkin]

Updated to 0.0.7
Still have this problem

[dijonmusters]

Could you try updating to 0.0.9? If this is still not working could you DM me a link to a GitHub repo so I can take a look?

[arinaldi]

Updating to 0.0.9 fixed the issue for me. Thanks @dijonmusters

[dvvolynkin]

@dijonmusters

export const createSupabaseRouteHandlerClient = (anon: boolean = true): SupabaseClient<Database> => {
  const cookieStore = cookies()

  return sbSSR.createServerClient<Database>(
    env.NEXT_PUBLIC_SUPABASE_URL!,
    anon ? env.NEXT_PUBLIC_SUPABASE_ANON_KEY! : env.SUPABASE_SERVICE_ROLE_KEY!,
    {
      cookieOptions: getCookieOptions(),
      cookies: {
        get(name: string) {
          return cookieStore.get(name)?.value
        },
        set(name: string, value: string, options: sbSSR.CookieOptions) {
          console.log("cookie length", value.length)
          cookieStore.set({ name, value, ...options })
        },
        remove(name: string, options: sbSSR.CookieOptions) {
          cookieStore.set({ name, value: '', ...options })
        },
      },
    }
  )
}

cookie length in chunk is 3143

But after encoding in Set-Cookie header value length is 4262

[nikitastryuk]

Facing this as well

 await supabase.auth.signInWithOAuth({
      provider: 'google',
      options: {
        redirectTo: `${window.location.origin}${configuration.paths.authCallback}`,
      },
  });

"supabase": "^1.115.0"

[tyforcode]

This is still happening for me "@supabase/ssr": "^0.0.10" , "@supabase/supabase-js": "^2.39.1". Seems related to additional metadata attached to the user object.

The session returns properly but the cookie cannot be set...

[spaghetti-coder-yyz]

Yes same here - if I login with a user with no metadata, the cookie is fine and no issue. I've had to refactor my app to store the metadata previously in the user into a separate table: userdata

[Aietes]

I'm facing this issue as well. I'm not sure why this issue is closed, as the issue persists with the latest version. Is there any feasible workaround available?

[0xmax]

yeah, why is this closed? happening to me too, any workaround known?

[Aietes]

It seems this is fixed with the lates supabase-ssr 0.1.0 release. 👍🏻

[layerzzzio]

I still have the same issue with supabase-ssr 0.1.0 and supabase-js 2.39.7.

[HunterWhiteDev]

@layerzzzio Did you ever fix this?

[encima]

Can you confirm you are running the latest releases of both packages. If you are experiencing the issue, please also provide the length of the cookie to help us investigate.

[MirroxDev]

I use "@supabase/ssr": "\^0.0.10", "@supabase/supabase-js": "\^2.42.0", ,and I have the same error .

I checked the length of my cookies , the length of my cookies cookie length 3180,cookie length 755
and this is less than 4096.

        cookies: {
          get(name: string) {
            return cookieStore.get(name)?.value;
          },
          set(name: string, value: string, options: CookieOptions) {
            console.log("cookie length", value.length)
            cookieStore.set({ name, value, ...options });
          },
          remove(name: string, options: CookieOptions) {
            cookieStore.delete({ name, ...options });
          },
        },

And the most interesting thing is that I can log in from my main account, but I can’t from the secondary one (((