Bug #2706
Size of cookies stored by TVHeadend breaks access to other servers (specifically Apache) running on the same machine.
Description
When you've changed a few options in TVHeadend (e.g. Filters, shown and hidden columns) and then try to access a page on an Apache server running on the same IP address, Apache reports the following error message:-

Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.
Cookie
Apache/2.2.22 (Ubuntu) Server at 127.0.1.1 Port 80

If you look in Chrome's developer tools you can see that the Cookies are using 8841 bytes - however the default Apache limit is 8190 (http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize), which means anyone else running Apache and TVHeadend on the same machine is likely to hit the same issue.
It's getting rather old having to zap my cookies constantly
I have been able to work round this by setting the Apache option:-
LimitRequestFieldSize 32768
but that didn't work in the shared file!
History
Updated by Jaroslav Kysela over 9 years ago
Is this a bug? I don't think so. Anyway, move tvh to another hostname to not share settings with your apache.
Updated by Kev S over 9 years ago
Something which breaks another application, in its default configuration, is a bug - and with something as widely used as Apache I'm unlikely to be the only one with this combination (in my case Apache is serving up channel icons and a few other sundries - e.g. my energy monitors reporting page and not a publicly facing site).
The "hostname" for Apache is simply the IP address (192.168.6.61), TVHeadend is accessed via 192.168.6.61:9981 - not all of us have internal DNS servers or the ability to set up hostfiles on every machine (and even if I had a Mac, Bonjour doesn't work via a VPN).
Updated by Jaroslav Kysela over 9 years ago
- Priority changed from Normal to Low
Think the way that your setup is misconfigured. Apache just does not know how to handle specific tvh cookies because you cannot distinguish the accesses from your browser to one IP address to different services.
The current cookie specification is RFC 6265, which replaces RFC 2109 and RFC 2965.
"""
8.5. Weak Confidentiality
Cookies do not provide isolation by port. If a cookie is readable by a service running on one port, the cookie is also readable by a service running on another port of the same server. If a cookie is writable by a service on one port, the cookie is also writable by a service running on another port of the same server. For this reason, servers SHOULD NOT both run mutually distrusting services on different ports of the same host and use cookies to store security sensitive information.
"""
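
The port behaviour quoted from RFC 6265 above, worked through as an added example that is not part of the original thread or of TVHeadend: a minimal cookie store keyed by host and path shows why state cookies set on port 9981 ride along on requests to port 80, and how large the resulting header gets. The cookie names and addresses are taken from the report; the cookie values, the `tvh.example.test` hostname and counting the whole `Cookie:` line against the limit are assumptions.

```python
from urllib.parse import urlsplit

APACHE_DEFAULT_LIMIT = 8190  # LimitRequestFieldSize default cited in the report

# Cookie names as seen in the report; the values are constructed filler.
GRID_COOKIES = ["ys-api/bouquet", "ys-api/channel", "ys-api/channeltag",
                "ys-api/dvr/entry/grid_finished", "ys-api/dvr/entry/grid_upcoming",
                "ys-api/mpegts/mux", "ys-api/mpegts/service"]

def path_match(request_path, cookie_path):
    """RFC 6265 section 5.1.4 path matching."""
    if request_path == cookie_path:
        return True
    if request_path.startswith(cookie_path):
        return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"
    return False

class Jar:
    """Minimal browser cookie store: keyed by host, path and name, never port."""
    def __init__(self):
        self.cookies = {}

    def set_cookie(self, url, name, value, path="/"):
        host = urlsplit(url).hostname          # the port is discarded here
        self.cookies[(host, path, name)] = value

    def header_for(self, url):
        parts = urlsplit(url)
        req_path = parts.path or "/"
        return "; ".join(f"{name}={value}"
                         for (host, path, name), value in self.cookies.items()
                         if host == parts.hostname and path_match(req_path, path))

def audit(jar, url, limit=APACHE_DEFAULT_LIMIT):
    """Size of the Cookie line for url (whole line counted: an assumption)."""
    value = jar.header_for(url)
    size = len(f"Cookie: {value}".encode()) if value else 0
    return {"bytes": size, "over_limit": size > limit}

def demo_jar(tvh_url, value_len=1250):
    jar = Jar()
    for name in GRID_COOKIES:
        jar.set_cookie(tvh_url, name, "x" * value_len)
    return jar

if __name__ == "__main__":
    shared = demo_jar("http://192.168.6.61:9981/")
    print(audit(shared, "http://192.168.6.61/icons/logo.png"))
    split = demo_jar("http://tvh.example.test:9981/")   # hypothetical hostname
    print(audit(split, "http://192.168.6.61/icons/logo.png"))
```

With both services on one address the port-80 request carries every grid cookie; with the cookies scoped to a separate hostname, or to a path the other service never serves, it carries none.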