magento2: Unable to send the cookie. Maximum number of cookies would be exceeded
It happens on a fresh magento v2.1.3 installation via composer. Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/5.6.28 Versione del client del database: libmysql - mysqlnd 5.0.11-dev - 20120503 Estensione PHP: mysqli Documentazione Versione PHP: 5.6.28
When I try to access admin area I get:
There has been an error processing your request
Exception printing is disabled by default for security reasons.
Error log record number: 1761570144
In var/report I get:
a:4:{i:0;s:71:"Unable to send the cookie. Maximum number of cookies would be exceeded.";i:1;s:5183:"#0 C:\xampp\htdocs\magento2\vendor\magento\framework\Stdlib\Cookie\PhpCookieManager.php(116): Magento\Framework\Stdlib\Cookie\PhpCookieManager->checkAbilityToSendCookie('admin', 'luov8matk9kh36a...')
#1 C:\xampp\htdocs\magento2\vendor\magento\framework\Stdlib\Cookie\PhpCookieManager.php(98): Magento\Framework\Stdlib\Cookie\PhpCookieManager->setCookie('admin', 'luov8matk9kh36a...', Array)
#2 C:\xampp\htdocs\magento2\vendor\magento\module-backend\Model\Auth\Session.php(177): Magento\Framework\Stdlib\Cookie\PhpCookieManager->setPublicCookie('admin', 'luov8matk9kh36a...', Object(Magento\Framework\Stdlib\Cookie\PublicCookieMetadata))
#3 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(74): Magento\Backend\Model\Auth\Session->prolong()
#4 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Chain\Chain.php(70): Magento\Backend\Model\Auth\Session\Interceptor->___callParent('prolong', Array)
#5 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(138): Magento\Framework\Interception\Chain\Chain->invokeNext('Magento\\Backend...', 'prolong', Object(Magento\Backend\Model\Auth\Session\Interceptor), Array, 'security_admin_...')
#6 C:\xampp\htdocs\magento2\vendor\magento\module-security\Model\Plugin\AuthSession.php(68): Magento\Backend\Model\Auth\Session\Interceptor->Magento\Framework\Interception\{closure}()
#7 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(142): Magento\Security\Model\Plugin\AuthSession->aroundProlong(Object(Magento\Backend\Model\Auth\Session\Interceptor), Object(Closure))
#8 C:\xampp\htdocs\magento2\var\generation\Magento\Backend\Model\Auth\Session\Interceptor.php(65): Magento\Backend\Model\Auth\Session\Interceptor->___callPlugins('prolong', Array, Array)
#9 C:\xampp\htdocs\magento2\vendor\magento\module-backend\App\Action\Plugin\Authentication.php(127): Magento\Backend\Model\Auth\Session\Interceptor->prolong()
#10 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Chain\Chain.php(67): Magento\Backend\App\Action\Plugin\Authentication->aroundDispatch(Object(Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor), Object(Closure), Object(Magento\Framework\App\Request\Http))
#11 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(138): Magento\Framework\Interception\Chain\Chain->invokeNext('Magento\\Backend...', 'dispatch', Object(Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor), Array, 'adminMassaction...')
#12 C:\xampp\htdocs\magento2\vendor\magento\module-backend\App\Action\Plugin\MassactionKey.php(33): Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor->Magento\Framework\Interception\{closure}(Object(Magento\Framework\App\Request\Http))
#13 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(142): Magento\Backend\App\Action\Plugin\MassactionKey->aroundDispatch(Object(Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor), Object(Closure), Object(Magento\Framework\App\Request\Http))
#14 C:\xampp\htdocs\magento2\var\generation\Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor.php(39): Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor->___callPlugins('dispatch', Array, Array)
#15 C:\xampp\htdocs\magento2\vendor\magento\framework\App\FrontController.php(55): Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor->dispatch(Object(Magento\Framework\App\Request\Http))
#16 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(74): Magento\Framework\App\FrontController->dispatch(Object(Magento\Framework\App\Request\Http))
#17 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Chain\Chain.php(70): Magento\Framework\App\FrontController\Interceptor->___callParent('dispatch', Array)
#18 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(138): Magento\Framework\Interception\Chain\Chain->invokeNext('Magento\\Framewo...', 'dispatch', Object(Magento\Framework\App\FrontController\Interceptor), Array, 'install')
#19 C:\xampp\htdocs\magento2\vendor\magento\framework\Module\Plugin\DbStatusValidator.php(69): Magento\Framework\App\FrontController\Interceptor->Magento\Framework\Interception\{closure}(Object(Magento\Framework\App\Request\Http))
#20 C:\xampp\htdocs\magento2\vendor\magento\framework\Interception\Interceptor.php(142): Magento\Framework\Module\Plugin\DbStatusValidator->aroundDispatch(Object(Magento\Framework\App\FrontController\Interceptor), Object(Closure), Object(Magento\Framework\App\Request\Http))
#21 C:\xampp\htdocs\magento2\var\generation\Magento\Framework\App\FrontController\Interceptor.php(26): Magento\Framework\App\FrontController\Interceptor->___callPlugins('dispatch', Array, Array)
#22 C:\xampp\htdocs\magento2\vendor\magento\framework\App\Http.php(135): Magento\Framework\App\FrontController\Interceptor->dispatch(Object(Magento\Framework\App\Request\Http))
#23 C:\xampp\htdocs\magento2\vendor\magento\framework\App\Bootstrap.php(258): Magento\Framework\App\Http->launch()
#24 C:\xampp\htdocs\magento2\index.php(39): Magento\Framework\App\Bootstrap->run(Object(Magento\Framework\App\Http))
#25 {main}";s:3:"url";s:103:"/magento2/admin/admin/index/index/key/fc129c8ab7fb7cc037a101891fc63ed0635cbee765a836e40c90d7164ab90874/";s:11:"script_name";s:19:"/magento2/index.php";}
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Reactions: 4
- Comments: 31 (18 by maintainers)
@veloraven - even though @gputignano is using incompatible OS, it would not make a difference in this error. I also routinely see this error logged on debian, php7 and nginx.
@orlangur Thanks for the response but with respect it did break our site. It broke our site unexpectedly to the point where we launched a large site on Magento, and in less than 20 hours we reverted back to our previous platform. I’ll explain the chain of events:
So we have a large ecommerce store on a different platform which already has a large number of cookies present. We prepared and launched Magento on 2.2.3 to replace this other platform. Everything was working well. I did see the occasional max cookie error from the logs but as you said it didn’t seem to affect anything on the site, so we launched the site on a Thursday evening.
Friday we saw our log files exploding with Max Cookie errors. Evidently anyone who was a repeat visitor, who had visited our previous site once before, already had 40+ cookies on our primary domain, and now that they are coming to the new Magento site they were getting the Max Cookie error logged into the log files. Still not a big deal right? Because it’s logged and not reported on the site?
Wrong, the implications were huge. No one could log into the site. A customer would come to the site, login and be redirected with no error message and NOT be logged in. Our staff was having the same issue. People would go to checkout and while trying to check out login and just be redirected to the checkout with no error message and NOT logged in. No one even knew why the problem was happening because there was no public error it was all behind the scenes. Until we looked and noticed the log files filling up with the Max cookie error. People could successfully login but with no room for new cookies, they weren’t able to stay logged in with any session parameters. Started having staff reset their cookies and the problem was fixed, but that’s hard to tell visitors of a busy ecommerce site.
About 16-18 hours later we reverted back to the old platform because we went from having $2,000 days to having our worst sales day of the year. And we had no solution we could implement easily. The best I got so far is to work up some kind of JS file that will look for old BigCommerce cookies and delete them, but I’m not sure if that’s the best solution. Magento just doesn’t seem to handle this issue well at all, and having 100,000 customers that can’t login after switching is detrimental to our business.
I am thinking “User Agent” is a browser and not the server side implementation…
“At any time, the user agent MAY “remove excess cookies” from the cookie store if the number of cookies sharing a domain field exceeds some implementation-defined upper bound (such as 50 cookies).” https://tools.ietf.org/html/rfc6265
Also it doesn’t say that when the limit is reached that the site should crash with a fatal error 😄
Any update on this issue?
We’re seeing the following error which is producing an error report and causing the site to fall over
“There has been an error processing your request Unable to send the cookie. Maximum number of cookies would be exceeded.”
It looks like the MAX_NUM_COOKIES was raised to 50 (used to be 20) as part of: https://github.com/magento/magento2/commit/c945dbe42e5947e29fb977fd44300730e5c46bb7
However, would it not make more sense for it to be a system configuration value? Which gives merchants greater control over their website?
@gputignano thank you for your feedback. Magento does not support the operating system you’ve listed. Please confirm that you can reproduce this issue on a supported platform. For an overview of supported technologies, see System Requirements.
Agree, with that change, it’s not a big problem any more. It’s not in 2.2.7 unfortunately.
@orlangur This happened to us as well. Having a low limit for the maximum cookies IS a Magento issue. We’ll report that to the Commerce support as well. Please reopen. Magento supports customizing, so telling us that it’s no issue if it’s not reproducable on a Vanilla installation is an invalid excuse.
still issue on 2.2.3, 2.2.4, 2.2.5. I’ve seen cookies payloads from 60 to over 160.
@orlangur I think it IS magento’s problem. Mostly because it’s magento’s code (or what they are delivering). At a minimum it looks like magento produces at least a quarter, if not more, of the the current cookie limit. That’s not including paypal, google, etc…
Following the RFC would mean not making the application pump out cookies like hotcakes at brunch and instead manage them (like maybe use just one cookie!). Increasing the allowed limit of cookies is just cover for the real issue I agree.
i’m guessing at least some, if not all, of the reports folks are seeing is due to mobile session/localstorage issues. https://github.com/julien-maurel/jQuery-Storage-API/blob/d2ce10b0fb53d7cb919f14e70853a5c232477f93/jquery.storageapi.js#L484 from: https://github.com/julien-maurel/jQuery-Storage-API/blob/d2ce10b0fb53d7cb919f14e70853a5c232477f93/jquery.storageapi.js#L425
https://github.com/magento/magento2/blob/2.2-develop/lib/web/jquery/jquery.storageapi.min.js (minification doesn’t help with discussions)
To quote the author:
from the looks of the library, it defaults to setting a year expiration on those cookies. get a customer who visits the site every week in a different browser tab or window, and in less than a month they will be busting a gut on cookies.
this is totally magento’s bag of beans.
There is a proposed fix for this issue here https://github.com/magento/magento2/pull/10961 can you please check it and report back?
Is there any plan to fix this? I’m definitely seeing this issue.