We're experiencing the same issue on 4.2 on two Nop sites.
Short message
Error 400. Bad request
Page URL
https://www.[removed].com/login?returnurl=%2F
Referrer URL
https://www.[removed].com/
Screenshot of what it looks like on iPad:
https://www.dropbox.com/s/osx60x914303x51/loginerror.png?dl=0
Clearing cookies on device did not help.
After refreshing the page, and retrying the login, it goes through successfully.
Anyone out there have a solution or advice?
400, Bad Request errors since upgrading to v4.20
MVP
Сертифицированный разработчик
- 3947
- 35232
- 08.02.2010
- Australia
Turn on Error Logging
See https://www.selectsystems.com.au/checking-for-errors-on-a-new-installation-of-nopcommerce
Check if you get an error 400 in the sdtout log
If so have a look before that and see if there are any other errors
See https://www.selectsystems.com.au/checking-for-errors-on-a-new-installation-of-nopcommerce
Check if you get an error 400 in the sdtout log
If so have a look before that and see if there are any other errors
MVP
- 484
- 3953
- 12.11.2010
- United Kingdom
Have you managed to sort this issue out?
We're getting completely random 400's on the following (using 4.30):
/login
/cart
/register
/passwordrecovery
Either guest accounts, or accounts with email addresses! The site works perfectly fine by the way, but these 400 bad requests pop up daily in the logs.
No errors in the stdout logs.
We're getting completely random 400's on the following (using 4.30):
/login
/cart
/register
/passwordrecovery
Either guest accounts, or accounts with email addresses! The site works perfectly fine by the way, but these 400 bad requests pop up daily in the logs.
No errors in the stdout logs.
MVP
Gold-партнер по запуску магазинов
Сертифицированный разработчик
- 558
- 6862
- 07.11.2017
- India
Hello,
We faced similar problem in a project after migrating from 3.60 to 4.20. Thus, we took help of nopCommerce team to check further and as per their suggestion, We enabled std logs in the live environment so we found following:
There are two common logs for bad request, we found the 1st log is repeated and 2nd one is only once in all the log files.
1) info: Microsoft.AspNetCore.Server.Kestrel[17]
Connection id "0HM2OKQUF523C" bad request data: "Malformed request: invalid headers."
Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.
at Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException.Throw(RequestRejectionReason reason)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequestsAsync[TContext](IHttpApplication`1 application)
2) info: Microsoft.AspNetCore.Server.Kestrel[17]
Connection id "0HM2OMCONLCIN" bad request data: "Reading the request body timed out due to data arriving too slowly. See MinRequestBodyDataRate."
Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Reading the request body timed out due to data arriving too slowly. See MinRequestBodyDataRate.
at Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException.Throw(RequestRejectionReason reason)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1MessageBody.PumpAsync()
at System.IO.Pipelines.PipeCompletion.ThrowLatchedException()
at System.IO.Pipelines.Pipe.GetReadResult(ReadResult& result)
at System.IO.Pipelines.Pipe.TryRead(ReadResult& result)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1MessageBody.OnConsumeAsync()
To solve 2nd, we added .UseKestrel(options => options.Limits.MinRequestBodyDataRate = null) in Program.cs file before .UseStartup<Startup>()
For 1st, we found these two URL:
1. https://github.com/dotnet/aspnetcore/issues/6799
2. https://github.com/dotnet/aspnetcore/issues/7707
This clearly tells that this is a .net core 2.2x issue and we had to enable proxy in site to solve WindowsAuthentication issue which we have implemented.
Clearing cookies is not helping in any case on IE 10 / 11. But on a different browser, it's working. The problem is that the client cannot move away from IE because this project is being used in more than 70 countries and as per their standard they have to use IE only.
Hope this will help :)
Best regards,
Atul
We faced similar problem in a project after migrating from 3.60 to 4.20. Thus, we took help of nopCommerce team to check further and as per their suggestion, We enabled std logs in the live environment so we found following:
There are two common logs for bad request, we found the 1st log is repeated and 2nd one is only once in all the log files.
1) info: Microsoft.AspNetCore.Server.Kestrel[17]
Connection id "0HM2OKQUF523C" bad request data: "Malformed request: invalid headers."
Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.
at Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException.Throw(RequestRejectionReason reason)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequestsAsync[TContext](IHttpApplication`1 application)
2) info: Microsoft.AspNetCore.Server.Kestrel[17]
Connection id "0HM2OMCONLCIN" bad request data: "Reading the request body timed out due to data arriving too slowly. See MinRequestBodyDataRate."
Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Reading the request body timed out due to data arriving too slowly. See MinRequestBodyDataRate.
at Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException.Throw(RequestRejectionReason reason)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1MessageBody.PumpAsync()
at System.IO.Pipelines.PipeCompletion.ThrowLatchedException()
at System.IO.Pipelines.Pipe.GetReadResult(ReadResult& result)
at System.IO.Pipelines.Pipe.TryRead(ReadResult& result)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1MessageBody.OnConsumeAsync()
To solve 2nd, we added .UseKestrel(options => options.Limits.MinRequestBodyDataRate = null) in Program.cs file before .UseStartup<Startup>()
For 1st, we found these two URL:
1. https://github.com/dotnet/aspnetcore/issues/6799
2. https://github.com/dotnet/aspnetcore/issues/7707
This clearly tells that this is a .net core 2.2x issue and we had to enable proxy in site to solve WindowsAuthentication issue which we have implemented.
Clearing cookies is not helping in any case on IE 10 / 11. But on a different browser, it's working. The problem is that the client cannot move away from IE because this project is being used in more than 70 countries and as per their standard they have to use IE only.
Hope this will help :)
Best regards,
Atul
