AspNetKatana: Server cannot append header after HTTP headers have been sent
Occasionally CookieAuthenticationHandler throws HttpException:
Exception type: HttpException
Exception message: Server cannot append header after HTTP headers have been sent.
at System.Web.HttpHeaderCollection.SetHeader(String name, String value, Boolean replace)
at Microsoft.Owin.Host.SystemWeb.CallHeaders.AspNetResponseHeaders.Set(String key, String[] values)
at Microsoft.Owin.Infrastructure.ChunkingCookieManager.AppendResponseCookie(IOwinContext context, String key, String value, CookieOptions options)
at Microsoft.Owin.Security.Cookies.CookieAuthenticationHandler.<ApplyResponseGrantAsync>d__f.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.<ApplyResponseCoreAsync>d__b.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.<ApplyResponseAsync>d__8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.<TeardownAsync>d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware`1.<Invoke>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.<RunApp>d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.<DoFinalWork>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar)
at System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Version of Microsoft.Owin.Security: 3.0.1
Is this problem fixed in the latest version?
About this issue
- Original URL
- State: open
- Created 7 years ago
- Reactions: 3
- Comments: 61 (20 by maintainers)
Same issue here with WebForms. Any chance this is getting addressed in next update?
600 logs a second in our case. We’ve filtered them out but this has been open 4 years…
For those in this thread still looking for a solution. I took @phaselden 's method of handling things and took it a bit further by wrapping the exception to uniquely identify this specific known exception better. I detailed my findings and the work around I ended up going with here.
I read the thread already, that is why I posted here. We all know the issue exists, which is what comment 74 confirms. What I asked is if there was a work around to fix it until the code base has been fixed.
Like others here this is filling up my error logs and has wasted a lot man hours reviewing logs for what seems to be a known bug. But it is not a consistent bug for everyone, which means there is probably a work around that could be implemented.
At the moment it sounds like this thread is saying Microsoft views this issue as such a low priority that not only is it not going to fix it any time soon, it isn’t going to look into a work around either. I am hoping some other brilliant person has found that work around.
This issue is not currently under investigation. It was determined that these errors did not impact live requests, they primarily cause log noise. Are you seeing otherwise?
@Tratcher I think that’s exactly what we are experiencing, the errors we are getting is at the root ‘/’. Problem is just the annoying log, client does not experience any issues.
Still seeing this with .NET 4.6.2. Some indications that this occurs when the sliding expiration cookie gets renewed.
Possible rleated issue, with OwinServerCompressionHandler: https://github.com/azzlack/Microsoft.AspNet.WebApi.MessageHandlers.Compression/issues/13