Recently, i've been receiving 400 errors from my reactJS service urls, but I don't receive them on my other microservices. Here is what I tried:
Looking into express to find out if 400 errors are coming from there, no success.
Digging into react code, no 400 errors should be coming from there.
Looking into the chrome console.... but it has nothing.
It doesn't even look like i'm receiving any logs on my server so it's like it never hit, so no logs there.
My node version is 10.15.3 but all my other microservices are 10.13.0.
Why am I getting 400 errors from my react/express NextJS microservice?
In november 2018 a PR was made that was a breaking change to the max header size. Headers can only be 8kb in size.
The node versions affects are v6.15.0, v8.14.0, v10.14.0, v11.3.0 (see https://www.nearform.com/blog/protecting-node-js-from-uncontrolled-resource-consumption-headers-attacks/)
You can do one of two things...
Reduce to v10.13.0
Add a flag --max-http-header-size=10000
Background
To avoid DoS attacks the max size was reduced from 80kb to 8kb. If you have a lot of cookies on your site you will receive a 400 error without much output. Read more about the PR and discussions here: https://github.com/nodejs/node/issues/24692 and here is the PR (https://github.com/nodejs/node/commit/92231a56d9)
Testing
To test this, you can use a curl request with a gigantic cookie that is over 8kb and you should receive a 400 error. After adjusting this max value, it should work.