431 Request Header Fields Too Large error (almost 100 fusionauth.known-device cookies)
-
While using the hosted login page, I started receiving a 431 HTTP error, indicating my header is too large. When I took a look at the header, I noticed I had almost 100 fusionauth.known-device.* cookies.
The documentation for Hosted Login page Cookies just says more than one of these known device cookies might be set.
Is there a configuration value I overlooked to limit the number of fusionauth.known-device.* cookies? My request only had two cookies not associated with FusionAuth, and both have relatively short values (UUIDs), so I am pretty sure the problem lies with my FusionAuth instance.
I'm using the fusionauth/fusionauth-app:1.49.2 Docker image. Thanks in advance for any help.
-
@05-years_tourer have you tried to clear your cache and try again?
-
@mark-robustelli deleting the cookie fixes the symptom, but I'm looking to address the root cause. I don't want users to see a 431 error.
-
@05-years_tourer So there is no configuration value but you can check out this and see if there is a strategy that will work for you.
Device Limiting with FusionAuth.
-
@mark-robustelli thanks for the documentation link. I used a version of the "Logout Requirements" example to redirect to an endpoint that removes any fusionauth.known-device.* cookies before redirecting back to the application.
Do you think the Hosted Backend should remove fusionauth.known-device.* cookies when it removes the other tokens, at least in the case where fusionauth.remember-device is false?
Otherwise, it seems certain we will hit the HTTP 431 error whenever an application is accessed on a shared device with ~100 users. Or is the Hosted Backend not something FusionAuth envisions people using in production?
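A sketch of the cleanup endpoint described in the last post, as an added example that is not code from the thread or from FusionAuth. It assumes the endpoint is served from the host that set the cookies and that they were set host-only with Path=/; the allowlisted origin, the function names and the sample header are hypothetical.

```javascript
// Added example, not FusionAuth code. Assumptions are marked ASSUMPTION.
const KNOWN_DEVICE_PREFIX = "fusionauth.known-device.";

// ASSUMPTION: hypothetical allowlist of origins the cleanup endpoint may redirect to.
const ALLOWED_RETURN_ORIGINS = new Set(["https://app.example.com"]);
const DEFAULT_RETURN = "https://app.example.com/";

// Parse a raw Cookie request header into a list of cookie names.
function cookieNames(cookieHeader) {
  return (cookieHeader || "")
    .split(";")
    .map((pair) => pair.trim())
    .filter((pair) => pair.includes("="))
    .map((pair) => pair.slice(0, pair.indexOf("=")));
}

// Only redirect to allowlisted origins so the endpoint is not an open redirect.
function safeReturnUrl(returnTo) {
  try {
    const url = new URL(returnTo);
    return ALLOWED_RETURN_ORIGINS.has(url.origin) ? url.toString() : DEFAULT_RETURN;
  } catch {
    return DEFAULT_RETURN;
  }
}

// Build the 302 response that expires every known-device cookie in the request.
function buildCleanupResponse(cookieHeader, returnTo) {
  const expired = cookieNames(cookieHeader)
    .filter((name) => name.startsWith(KNOWN_DEVICE_PREFIX))
    // ASSUMPTION: cookies were set host-only with Path=/; a browser only
    // deletes a cookie when name, Domain and Path match the original.
    .map((name) => `${name}=; Path=/; Max-Age=0; Secure; HttpOnly; SameSite=Lax`);
  return {
    status: 302,
    headers: { Location: safeReturnUrl(returnTo), "Set-Cookie": expired },
  };
}

// Constructed sample request header (values are made up).
const sampleCookieHeader =
  "fusionauth.known-device.aaa=1; fusionauth.known-device.bbb=2; " +
  "fusionauth.remember-device=false; session=3f1c";
console.log(buildCleanupResponse(sampleCookieHeader, "https://evil.example/x"));
```

If the real cookies carry a Domain attribute or a different Path, the Set-Cookie lines must repeat those values or the browser will keep the originals.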