HTTP error 431 after changing the server and IP of password authenticated domain
We had same issue after upgrade to HTTP 2. It was caused by having too many cookies set. The tricky part is that this error was not caused by header field size (in Apache it is same for both HTTP 1 and 2). It was caused by large number of header fields. It seems HTTP 1 counts all cookies together as one header, but HTTP2 counts each cookie as one header. After rising LimitRequestFields from 100 to 1000 problem disappeared.
This is the cause from HTTP 2 specification:
To allow for better compression efficiency, the Cookie header field MAY be split into separate header fields, each with one or more cookie-pairs.
This means in HTTP 1 cookies has always only one field. In HTTP 2 cookies may be split into many fields. This is the root cause and reason why only some browsers are having issues.
Related videos on Youtube
jack
I=PHP,Jquery,Cakephp lover.And most basically a fresher in that three fields.I am here to study more and share what i know...heheh :)
Updated on September 18, 2022Comments
-
jack over 1 year
I have test domain eg: https:www.test.com, recently I have moved my server to new on which is hosted in liquid-web. After transferring this test account to new server and pointing, only this domain started throwing error HTTP error 431 and for some of them its blank screen. I have password authentication for this site.
When i open this in private window or after clearing cache, it is working fine. This problem now stopped all the server migration as we fear that this might effect our returning customers which is going to be big in number.
This is the screenshot I am getting. Tried removing htaccess, and put just index.html in the root, decreased TTL value, tried no-cache through meta tag in header, but nothing helped.
Anyone got insight on what is HTTP error 431
-
ezra-s about 6 years431 is a very specific error refering to the size of headers your client is sending "Request Headers Fields Too Large". Have you tried with a simple "curl" command if you reach the server successfully and/or reviewed the headers you are sending?
-
jack about 6 yearsStill waiting to know what can cause issue in http 2.0
-
-
KhalilRavanna about 4 yearsThank you! I was working on authorization logic and had created a bad loop which was setting cookies over and over. Could not figure out why I was getting a 431 (Chrome gave no reporting on what was sent by the server) but immediately understood when you mentioned "too many cookies"!