Identityserver4: Cookie size prevents Safari working

Created on 24 Jun 2017  路  6Comments  路  Source: IdentityServer/IdentityServer4
  • [x ] I read and understood how to enable logging

Issue / Steps to reproduce the problem

  1. Use the IdentityServer4.Samples/Quickstarts/8_EntityFrameworkStorage
  2. Login with Google Chrome (Windows 10) - all OK
  3. Long with Safari (Windows 10) - An unhandled exception occurred while processing the request. FormatException: The chunked cookie is incomplete. Only 1 of the expected 2 chunks were found, totaling 4029 characters. A client size limit may have been exceeded.

Relevant parts of the log file

Microsoft.AspNetCore.Authentication.Cookies.ChunkingCookieManager.GetRequestCookie(HttpContext context, string key)
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler+<ReadCookieTicket>d__11.MoveNext()
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler+<HandleAuthenticateAsync>d__12.MoveNext()
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
Microsoft.AspNetCore.Authentication.AuthenticationHandler+<InitializeAsync>d__52.MoveNext()
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware+<Invoke>d__18.MoveNext()
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware+<Invoke>d__7.MoveNext()
question
Source
picture TDK1964

All 6 comments

That's a know Safari problem. All you can do is to keep the cookies as small as possible. I assume this is happening at the client not IdentityServer?

leastprivilege picture leastprivilege on 24 Jun 2017

@leastprivilege Yes, it's on the client, IdentityServer is fine.
I presume claims are the culprit so would storing these claims in MemoryCache or RedisCache solve the problem?
services.AddCookieAuthentication(o => o.SessionStore = new MemoryCacheTicketStore());
Would it break IdentityServer or cause any unexpected issues?

TDK1964 picture TDK1964 on 24 Jun 2017

Well - it's the SaveTokens feature that is making cookies so big. Either take control over your own persistence or try the session store.

leastprivilege picture leastprivilege on 24 Jun 2017
👎4

I just ran into this problem where it's trying to stuff too much into the idsrv cookie (which AFAIK I don't really controll what get's put into). Could you provide more explanation about "Either take control over your own persistence or try the session store"? What would I need to plug into to store in session or similar instead?

Alxandr picture Alxandr on 26 Jun 2017

Related: https://github.com/IdentityServer/IdentityServer4/issues/1066

brockallen picture brockallen on 28 Jun 2017

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

lock[bot] picture lock[bot] on 14 Jan 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

leastprivilege picture leastprivilege  路  3Comments
createroftheearth picture createroftheearth  路  3Comments
chrisrestall picture chrisrestall  路  3Comments
garymacpherson picture garymacpherson  路  3Comments
nukec picture nukec  路  3Comments