Bug #47073

Cookie causes Error after Update

Added by Bernd Helbig over 2 years ago. Updated 8 months ago.

Status: New
Start date: 2013-04-09
Priority: Must have
Due date:
Assigned To: -
% Done: 0%
Category: Http
Target version: -
PHP Version: 5.3
Complexity:
Has patch: No
Affected Flow version: (any)

Description

Notice: Undefined offset: 1 in /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php on line 433 
Fatal error: Uncaught exception 'InvalidArgumentException' with message 'The parameter "name" passed to the Cookie constructor must be a valid token as per RFC 2616, Section 2.2.' in /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Cookie.php:105 
Stack trace: #0 /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(434): TYPO3\Flow\Http\Cookie->__construct('', '') 
#1 /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(128): TYPO3\Flow\Http\Headers->setCookiesFromRawHeader('') 
#2 /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(54): TYPO3\Flow\Http\Headers->set('Cookie', '') 
#3 /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(81): TYPO3\Flow\Http\Headers->__construct(Array) 
#4 /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Request.php(75): TYPO3\Flow\Http\He in /.../_flow/FLOW-2.0/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Cookie.php on line 105

Occurrence: after updating the application on the test server (ftp, sql-dump) and running flow:cache:flush
Direct cause: unknown

Related info: Apart from the session-id, the application saves one extra cookie with a lifetime of +1 year. Manually deleting this cookie in the browser lets the application run without error again.

History

#1 Updated by Robert Lemke about 2 years ago

  • Target version set to 2.0.1

#2 Updated by Bernd Helbig about 2 years ago

Here's another cause that triggers the same problem, now on beta3:

In Firefox 17.0.6-esr on Ubuntu x64 the problem can be replicated easily by opening Firebug 1.11.3 and refreshing the page.
Closing the Firebug panel causes the site to work again.

Notice: Undefined offset: 1 in  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php  on line 433  
Fatal error: Uncaught exception 'InvalidArgumentException' with message  'The parameter "name" passed to the Cookie constructor must be a valid  token as per RFC 2616, Section 2.2.' in  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Cookie.php:105 
Stack  trace: 
#0  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(434):  TYPO3\Flow\Http\Cookie->__construct('', '') 
#1  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(128):  TYPO3\Flow\Http\Headers->setCookiesFromRawHeader('') 
#2  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(54):  TYPO3\Flow\Http\Headers->set('Cookie', '') 
#3  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Headers.php(81):  TYPO3\Flow\Http\Headers->__construct(Array) 
#4  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http  in  /.../_flow/FLOW-2.0-beta3/Packages/Framework/TYPO3.Flow/Classes/TYPO3/Flow/Http/Cookie.php  on line 105 

#3 Updated by Bastian Waidelich about 2 years ago

We had other reports (in the #typo3-flow IRC channel) reporting this bug when hosting Neos on the same domain as other tools (in this case the axigen webmailer, see http://pastebin.com/p0JwCKXk).
I'm not sure how important it is to strictly follow RFC 2616 for the cookie names and how to deal with "legacy" names. Probably there is no great harm in accepting them, too.

#4 Updated by Bernd Helbig about 2 years ago

In our case, we have nothing else running on the server yet.
The cookie in question is in the form of "abc_lang" and should be well within RFC specs.

#5 Updated by Sebastian Müller over 1 year ago

We had the same error. The problem was a trailing ; in the cookie. After removing it, Flow works again.

If you are using Varnish:
We are using Varnish and remove cookies before sending the request to the backend. We removed some cookies but also have to remove the trailing ; that may occur.
# Strip a trailing ";" (and any spaces after it) from the Cookie header.
set req.http.Cookie = regsuball(req.http.Cookie, "; *$", "");

#6 Updated by Adrian Föder over 1 year ago

  • Status changed from New to Accepted
  • Assigned To set to Bastian Waidelich
  • Target version deleted (2.0.1)
  • Affected Flow version changed from Flow 2.0.0 beta 1 to (any)

A must-have IMO, too.
We have (sorry for that: a Joomla) on the same domain, and when plucked its Cookie and visiting Flow/Neos, that too restrictive exception occurs.

I would wrap it in a try {} catch (\InvalidArgumentException); but where? And, since everything involved is Proxy(false), we cannot log the exception :(

Bastian, what would you suggest; I'd gladly implement it.

#7 Updated by Adrian Föder over 1 year ago

Addendum: the evil cookie names in question are (both)

  • fboard_settings[current_view]
  • fboard_settings[member_id]

...for example.

#8 Updated by Adrian Föder over 1 year ago

I see the problem in just catching the exception silently because there may be use cases where an exception is wanted.
What do you think about something like a "graceful" state of the Http Request and everything involved? I am not sure about this, this might quickly become hacky...

...and one more update, seems like PHP itself is not fully blameless for this, see http://www.php.net/manual/en/function.setcookie.php `Example #3 setcookie() and arrays`: it encourages the use of stuff like setcookie("cookie[three]", "cookiethree"); which is obviously not RFC compliant.

#9 Updated by Bastian Waidelich 8 months ago

  • Status changed from Accepted to New
  • Assigned To deleted (Bastian Waidelich)

I still agree that this is an important issue but in order to prevent this from lingering on in limbo I unassign myself for now so no-one feels blocked to push a patch ;)
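
A tolerant way to parse the Cookie request header that covers the cases reported in this thread (empty header, trailing `;`, bracketed names such as `fboard_settings[current_view]`), as an added example that is not part of the thread and not TYPO3 Flow code. The helper name `parseCookieHeader()` and the sample headers are assumptions, and the code targets PHP 7.1 or later.

```php
<?php
// Added example, not TYPO3 Flow code. parseCookieHeader() is a hypothetical helper.

/**
 * Parse a raw "Cookie" request header without throwing on client-controlled input.
 * Returns ['cookies' => [name => value], 'rejected' => [raw pair, ...]].
 */
function parseCookieHeader(string $rawHeader): array
{
    // RFC 2616, Section 2.2 token: one or more CHARs except CTLs and separators.
    $tokenPattern = '/^[!#$%&\'*+\-.0-9A-Z^_`a-z|~]+$/';
    $cookies = [];
    $rejected = [];

    foreach (explode(';', $rawHeader) as $pair) {
        $pair = trim($pair);
        if ($pair === '') {
            // Empty header, trailing ";" or ";;": nothing to parse, not an error.
            continue;
        }
        // Limit 2 keeps "=" inside the value; array_pad covers a pair without "=".
        [$name, $value] = array_pad(explode('=', $pair, 2), 2, '');
        $name = trim($name);
        if (preg_match($tokenPattern, $name) !== 1) {
            // Non-token name, e.g. set by another application on the same domain:
            // skip it and report it instead of aborting the whole request.
            $rejected[] = $pair;
            continue;
        }
        $cookies[$name] = trim($value);
    }

    return ['cookies' => $cookies, 'rejected' => $rejected];
}

// Constructed sample headers covering the cases reported in this thread.
$samples = [
    '',
    'abc_lang=de; ',
    'abc_lang=de; fboard_settings[current_view]=list; fboard_settings[member_id]=42',
];
foreach ($samples as $header) {
    echo json_encode($header), ' => ', json_encode(parseCookieHeader($header)), "\n";
}
```

The `rejected` list gives the caller something to log, so a non-compliant cookie from another application is visible to operators without turning every request from that browser into a fatal error.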
