-
-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Login not working if random cookie with size greater than 1975 is set #2625
Comments
Thanks for this interesting observation. I could perfectly reproduce that issue. However, didn't find any quick solution/fix for it. Perhaps someone else (@jp112sdl ?) might have an idea where exactly such long cookies are currently blocking the WebUI logins... |
Maybe lighttpd-error.log helps:
I don't have other suggestions or ideas |
@jens-maus i'm glad that you could reproduce it 👍 but yes thats a really weird issue. but i really don't have any idea what component that is.. something in OCCU maybe which is serving the APIs and WebUI. but thats just guessing as im not familiar with the whole components here |
Ok, after some further investigation it seems this is a bug/issue in the internal web server of the |
@eloo Please note that with the next nightly snapshot RaspberryMatic will come with ReGaHss R1.00.0388.0237 which should fix this issue. So if you can please re-test then and see if everything is working as expected. |
@jens-maus just tested the latest version and it looks like the fix is working as expected thanks |
Describe the issue you are experiencing
Hi,
i have found that the Login is not working if a random cookie with a size greater than 1975 (not sure if this is the correct number) is set.
I have encountered this because my SSO setup (oauth-proxy & authelia) is setting such a big cookie (around 2400).
I thought first its related to the cookie name or something but it seems that its only the cookie size.
So a random cookie for your site would "work" here.
Maybe its related to some max-request-size config of lighttpd or something in raspberrymatic itself.
Describe the behavior you expected
I would expect that a random issue does not produce login issues.
Steps to reproduce the issue
What is the version this bug report is based on?
3.73.9.20231130
Which base platform are you running?
oci (Open Container Infrastructure)
Which HomeMatic/homematicIP radio module are you using?
n/a
Anything in the logs that might be useful for us?
Additional information
No response
The text was updated successfully, but these errors were encountered: