Ignore (or clear) too long cookie?


#1

Hello,

is there a way witch NginX to ignore or delete a too long cookie ?
(which produce a return 400 Bad Request)

Thanks,
Olivier


#2

See http://wiki.nginx.org/NginxHttpCoreModule#client_header_buffer_size
and
http://wiki.nginx.org/NginxHttpCoreModule#large_client_header_buffers.

Jim


#3

Olivier B. <nginx.list@…> writes:

Hello,

is there a way witch NginX to ignore or delete a too long cookie ?
(which produce a return 400 Bad Request)

Thanks,
Olivier

Adjust your client_header_buffer_size.

Josh


#4

On Fri, May 22, 2009 at 03:44:44PM +0000, Josh Turmel (@JT) wrote:

Adjust your client_header_buffer_size.

It’s better to increase large_client_header_buffers.
They were specially created for large headers.


#5

Thanks, but this only allow to increase the limit… is there another
way ?

I would like to avoid this sort of “cookie injection” :
http://sirdarckcat.blogspot.com/2009/04/how-to-use-google-analytics-to-dos.html
So I can’t really know the size of the cookie.

Olivier

Jim O. a écrit :