You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a user, I am receiving the email with the magic link, but production gave me the following error message after submitting the form with the email.
Error: Cookie length will exceed browser maximum. Length: 4503
after calling the function:
awaitauth.authenticate("email-link",request,{successRedirect: "/auth/login",// If this is not set, any error will be throw and the ErrorBoundary will be// rendered.failureRedirect: "/auth/login",});
This is the track trace:
The throw new Error("Cookie length will exceed browser maximum. Length: " + serializedCookie.length); method in the remix createCookieSessionStorageFactory function
/** * Creates and returns a SessionStorage object that stores all session data * directly in the session cookie itself. * * This has the advantage that no database or other backend services are * needed, and can help to simplify some load-balanced scenarios. However, it * also has the limitation that serialized session data may not exceed the * browser's maximum cookie size. Trade-offs! * * @see https://remix.run/utils/sessions#createcookiesessionstorage */constcreateCookieSessionStorageFactory=createCookie=>({cookie: cookieArg}={})=>{letcookie=cookies.isCookie(cookieArg) ? cookieArg : createCookie((cookieArg===null||cookieArg===void0 ? void0 : cookieArg.name)||"__session",cookieArg);sessions.warnOnceAboutSigningSessionCookie(cookie);return{asyncgetSession(cookieHeader,options){returnsessions.createSession(cookieHeader&&(awaitcookie.parse(cookieHeader,options))||{});},asynccommitSession(session,options){letserializedCookie=awaitcookie.serialize(session.data,options);if(serializedCookie.length>4096){thrownewError("Cookie length will exceed browser maximum. Length: "+serializedCookie.length);}returnserializedCookie;},asyncdestroySession(_session,options){returncookie.serialize("",{
...options,expires: newDate(0)});}};};
In the function of the library authenticate and in the line const cookie = await sessionStorage.commitSession(session);
asyncauthenticate(request,sessionStorage,options){var_a;constsession=awaitsessionStorage.getSession(request.headers.get('Cookie'));constform=newURLSearchParams(awaitrequest.text());// This should only be called in an action if it's used to start the login processif(request.method==='POST'){if(!options.successRedirect){thrownewError('Missing successRedirect. The successRedirect is required for POST requests.');}// get the email address from the request bodyconstemailAddress=form.get(this.emailField);// if it doesn't have an email address,if(!emailAddress||typeofemailAddress!=='string'){constmessage='Missing email address.';if(!options.failureRedirect){thrownewError(message);}session.flash(this.sessionErrorKey,{ message });constcookie=awaitsessionStorage.commitSession(session);throw(0,server_runtime_1.redirect)(options.failureRedirect,{headers: {'Set-Cookie': cookie},});}try{// Validate the email addressawaitthis.validateEmail(emailAddress);constdomainUrl=this.getDomainURL(request);constmagicLink=awaitthis.sendToken(emailAddress,domainUrl,form);session.set(this.sessionMagicLinkKey,awaitthis.encrypt(magicLink));session.set(this.sessionEmailKey,emailAddress);throw(0,server_runtime_1.redirect)(options.successRedirect,{headers: {'Set-Cookie': awaitsessionStorage.commitSession(session),},});}catch(error){// eslint-disable-next-line @typescript-eslint/no-explicit-anyif(error.status===302){// If it's a redirect, then just throw the redirect as it isthrowerror;}if(!options.failureRedirect){throwerror;}const{ message }=error;session.flash(this.sessionErrorKey,{ message });constcookie=awaitsessionStorage.commitSession(session);throw(0,server_runtime_1.redirect)(options.failureRedirect,{headers: {'Set-Cookie': cookie},});}}letuser;try{// If we get here, the user clicked on the magic link inside emailconstmagicLink=(_a=session.get(this.sessionMagicLinkKey))!==null&&_a!==void0 ? _a : '';const{emailAddress: email, form }=awaitthis.validateMagicLink(request.url,awaitthis.decrypt(magicLink));// now that we have the user email we can call verify to get the useruser=awaitthis.verify({ email, form,magicLinkVerify: true});}catch(error){// if something happens, we should redirect to the failureRedirect// and flash the error message, or just throw the error if failureRedirect// is not definedif(!options.failureRedirect){throwerror;}const{ message }=error;session.flash(this.sessionErrorKey,{ message });constcookie=awaitsessionStorage.commitSession(session);throw(0,server_runtime_1.redirect)(options.failureRedirect,{headers: {'Set-Cookie': cookie},});}if(!options.successRedirect){returnuser;}// remove the magic link and email from the sessionsession.unset(this.sessionMagicLinkKey);session.unset(this.sessionEmailKey);session.set(options.sessionKey,user);constcookie=awaitsessionStorage.commitSession(session);throw(0,server_runtime_1.redirect)(options.successRedirect,{headers: {'Set-Cookie': cookie},});}
Is any way to print all the values of the session to check if for some reason I am putting external data?
Using the library fill the email, and then trigger the authentication process.
Expected behavior
As a user, I am receiving the email with the magic link, but production gave me the following error message after submitting the form with the email.
Error: Cookie length will exceed browser maximum. Length: 4503
Screenshots or Videos
Platform
OS: [macOS]
Browser: [Chrome, Safari]
Version: [113.0,16.5]
Additional context
No response
The text was updated successfully, but these errors were encountered:
Describe the bug
As a user, I am receiving the email with the magic link, but production gave me the following error message after submitting the form with the email.
Error: Cookie length will exceed browser maximum. Length: 4503
after calling the function:
This is the track trace:
The
throw new Error("Cookie length will exceed browser maximum. Length: " + serializedCookie.length);
method in the remixcreateCookieSessionStorageFactory
functionIn the function of the library
authenticate
and in the lineconst cookie = await sessionStorage.commitSession(session);
Is any way to print all the values of the session to check if for some reason I am putting external data?
Your Example Website or App
https://aa8d-190-135-204-71.ngrok-free.app/auth/login
Steps to Reproduce the Bug or Issue
Expected behavior
As a user, I am receiving the email with the magic link, but production gave me the following error message after submitting the form with the email.
Error: Cookie length will exceed browser maximum. Length: 4503
Screenshots or Videos
Platform
Additional context
No response
The text was updated successfully, but these errors were encountered: