When I set multiple (3 or more) large cookies - with 3000 bytes content each, the browser only appears to send the first two and omits the third and the rest. This is currently happening in Safari on Mac and iPhone as well, while when using Chrome on Mac - this works fine, same for Microsoft Edge, Chrome, and other browsers on Windows. This is an issue for example when building an ASP.NET Core web application which uses cookies to store user's identity and can have potentially bad effect on more applications. I managed to successfully reproduce the issue without ASP.NET Core. I haven't been able to find anything in the documentation about the cookies being omitted when the total is larger then certain size or so.
<rdar://problem/30853509>
Does this have anything to do with nginx's default configuration of large_client_header_buffers to allow maximum of 8kB in headers? http://nginx.org/en/docs/http/ngx_http_core_module.html#large_client_header_buffers
Can you upload a test case or provide a link to a test case that demonstrates this issue?
Alright - when you visit http://hajekj-cookietest.azurewebsites.net/ - the site is going to set 4 cookies named cookie-1 to cookie-4, each of 3978 bytes in size. When you refresh the page, it is going to show the cookies the server received and in case when you use Safari, only 2 cookies will be shown - cookie-1 and cookie-2, the rest is missing. From developer tools, it will show that there are 4 cookies in the browser memory. The script for this demo is in PHP, and is like this: ```php <?php function generateRandomString($length = 10) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } for($i = 0; $i < 4; $i++) { setcookie("cookie-$i", generateRandomString(3970)); } echo "<pre>"; print_r($_COOKIE); ```
Hi, are there any updates on this?
(In reply to Jan Hajek from comment #5) > Hi, are there any updates on this? WebKit doesn't handle cookies on network requests itself - It relies on platform libraries beneath it. In the case of Mac/iOS WebKit, this means CFNetwork which is a proprietary project at Apple. Which also means the WebKit project can't comment on it. Let me ask you this, though - Have you had a chance to try with the High Sierra and/or iOS 11 developer betas? If not because you're not a registered developer, I strongly suggest you try with the first public betas once they come out.
I will be able to try tomorrow on iOS 11. If it is the issue with CFNetwork, where would I go to report and sort such thing?
(In reply to Jan Hajek from comment #7) > I will be able to try tomorrow on iOS 11. Great! > If it is the issue with CFNetwork, where would I go to report and sort such thing? https://developer.apple.com/bug-reporting/ https://bugreport.apple.com/ Once a radar is filed, please mention it here so we can link the issues internally.
Link to the bug report: https://bugreport.apple.com/web/?problemID=32821328
I just checked and it seems to be working fine in Safari on iOS 11.
(In reply to Jan Hajek from comment #10) > I just checked and it seems to be working fine in Safari on iOS 11. 👍