We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Error 400 after setting cookie domain

June 12, 2011 2:12pm

Subscribe [3]

  • #1 / Jun 12, 2011 2:12pm

    Macrike

    137 posts

    This question may be related to a resolved thread.

    After a few years running the site, I just realised that no domain was set in the Cookie Settings (yes, I had been logging in to the site every morning…  :shut: ).

    Anyway, I set the domain with the period in front and now my session stays open unless I log out, which is awesome.

    The problem is that many users are getting Error 400 with the following notice:

    Bad Request
    Your browser sent a request that this server could not understand.
    Size of a request header field exceeds server limit.
    Cookie: exp_notify_me=yes; exp_save_info=no;

    This is solved by deleting saved cookies on the user’s browser, but I can’t possibly ask everybody to do that.

    I tried changing the LimitRequestFieldSize on the Apache configuration file, but I’m not entirely sure if I have to recompile Apache for the changes to apply or not.

    Any ideas? Is it possible to ‘force’ cookies to be updated or deleted? Should I remove the Cookie Settings again? :S

  • #2 / Jun 13, 2011 2:53am

    John Henry Donovan

    12339 posts

    Macrike,

    I found this at the following thread after a search.

    Size of a request header field exceeds server limit

      GSSAPI tokens exchanged between the client and server may exceed Apache’s default request field limits. By default this limit is 8190 bytes. If the tokens sent by the browser to the server exceed the limit, you will see this error:

      Size of a request header field exceeds server limit

      If you have Apache 2.0.53 or higher, you can increase the field limit with the LimitRequestFieldSize directive in httpd.conf:

      LimitRequestFieldSize 16382

    You could ask your host to increase this for you or I believe you may be also able to change it in your htaccess file. Your host should be able to tell you if you can or not.

  • #3 / Jun 13, 2011 6:16am

    Macrike

    137 posts

    I increased the LimitRequestFieldSize to 32768 bytes and restarted Apache. Or at leaste I think I did (I don’t know how I can make sure the change has appied). Waiting to hear from the user to see if that fixed it or not.

    I can’t change it from the .htaccess since it’s a server level configuration and not directory level, as mentioned in the docs.

    Edit: The user says he still can’t access the site from his browser. I don’t know what else to do.

  • #4 / Jun 14, 2011 2:10pm

    Brandon Jones

    5500 posts

    Hi Macrike,

    If you’re not able to increase that limit on the server side I think you could go back to a “blank” cookie domain, and set the Control Panel Session Type to Cookies Only under Admin > Security and Privacy > Security and Settings. Does that work?

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register