• [6.11.0] webGUI network graph produces excessively large cookies


    kurai
    • Solved Minor

    Overview

    webGUI can set out-of-spec, overly large cookies that break some functionality (notably Docker VNC connectivity).

     

    Problem source

    https://wiki.unraid.net/Manual/Release_Notes/Unraid_OS_6.10.0#Other_Improvements

    The optional Network traffic graph [introduced with 6.10.0] in the INTERFACE dashboard panel stores the rolling history in two cookies: rxd-init & txd-init.

    The value is recorded at 1 second intervals for a history of 10s | 30s | 1min | 2min

    With the traffic value recorded in 14-digit precision, this gives rise to the cookie sizes below:

    10 sec: 2 x ~185 bytes
    30 sec: 2 x ~540 bytes
    1 min : 2 x ~1085 bytes
    2 min : 2 x ~2155 bytes

     

    Relevance

    RFC 6265bis has long recommended limits on cookie sizes, which ended up as a requirement to limit the sum of the lengths of the cookie's name and value to 4096 bytes.  Pretty much all browser engines complied with this.

    Because each engine went about managing this limit in subtly different ways, a further refinement was added that also specified a limit for the length of each cookie attribute value to 1024 bytes.

    Any attempt to set a cookie exceeding the name+value limit should be rejected, and any cookie attribute exceeding the attribute length limit should be ignored.

     

    Unraid issue

    Most of the webGUI functionality seems to deal with this out-of-spec condition OK, but it definitely breaks some VM & docker VNC connectivity.

    e.g. 

     

     

    It's possible that this might be a root cause of a variety of other reported bugs - the only one that I can personally confirm is with a CrashPlan docker that fails to connect if the webGUI Network graph is set to 2 minute history and allowed to sample traffic for longer than 1 minute or so.

    Some other dockers with VNC interfaces, such as Krusader, seem unaffected.

     

    Suggested solutions

    Reduce recorded value to ~7 digit precision from 14?

    Limit recorded intervals to 60 seconds instead of 120?

    Use some other sort of variable state mechanism other than cookies?

    Investigate what is happening with some VNC implementations that cause them to mishandle out-of-spec cookies?

     

     

     

    Sources

    https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis/

    https://github.com/httpwg/http-extensions/blob/main/draft-ietf-httpbis-rfc6265bis.md#the-set-cookie-header-field-set-cookie
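
The check below is an added example, not part of the original report or of Unraid's code: it measures a rolling-history cookie against the two limits quoted in the report and shows how sample precision and window length drive its size. The comma-joined serialization, the sample readings and all function names are assumptions, since the page does not show the webGUI's actual format.

```javascript
// Limits as quoted in the report (draft-ietf-httpbis-rfc6265bis).
const MAX_NAME_VALUE = 4096; // bytes: cookie name + value
const MAX_ATTR_VALUE = 1024; // bytes: each attribute value

const bytes = (s) => new TextEncoder().encode(String(s)).length;

// Constructed sample data: one reading per second, `digits` significant
// digits, comma-joined. The real webGUI serialization is not shown on the page.
function buildHistory(seconds, digits) {
  const samples = [];
  for (let i = 0; i < seconds; i++) {
    const v = 1000 + ((i * 7919) % 9000) + 1 / 3; // deterministic, 1000..9999
    samples.push(v.toPrecision(digits));
  }
  return samples.join(',');
}

// Apply the two rules: reject on name+value, ignore over-long attributes.
function checkCookie(name, value, attrs = {}) {
  const size = bytes(name) + bytes(value);
  const ignoredAttrs = Object.keys(attrs)
    .filter((k) => bytes(attrs[k]) > MAX_ATTR_VALUE);
  return { size, rejected: size > MAX_NAME_VALUE, ignoredAttrs };
}

// Longest history (in seconds) that still fits the name+value limit.
function maxSeconds(name, digits) {
  let n = 0;
  while (!checkCookie(name, buildHistory(n + 1, digits)).rejected) n++;
  return n;
}

// Size table for the graph's selectable windows at two precisions.
function sizeTable(name) {
  return [10, 30, 60, 120].map((s) => ({
    seconds: s,
    digits14: checkCookie(name, buildHistory(s, 14)).size,
    digits7: checkCookie(name, buildHistory(s, 7)).size,
  }));
}

console.table(sizeTable('rxd-init'));
console.log('max seconds @14 digits:', maxSeconds('rxd-init', 14));
console.log('max seconds @7 digits:', maxSeconds('rxd-init', 7));
```

Running a guard like `checkCookie` before writing the cookie lets the page drop or trim history itself rather than leaving the outcome to each browser or proxy.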




    User Feedback

    Recommended Comments

    Issue not addressed in v6.11.0 - overly large, out-of-spec cookies are still being set, breaking some Docker & VM VNC access.


    That seems to have done the job nicely.

    Don't know where you are storing the graph history now, but wherever it is VNC no longer throws a fit :)

     

    Thank you.


