Cloud Confusing

Explaining hosting, AWS, Wordpress, static sites, and all manner of cloud solutions.

Are you getting a 431 error on a page that you suspect should be working properly? There is a good chance that it’s a local issue and it’s an easy fix.

What Is A 431 Error?

A 431 error, usually described as “431 Request Header Fields Too Large” can be difficult to diagnose. This might seem like a server issue, like a 404 or a 500, but when the same web page works on another browser and your coworkers can’t replicate it, things can get frustrating.

This status code essentially means that as your browser is calling for data from the website it’s sending along too much data with the request. You can start to sense that this may be a local problem because the 431 error will happen instantaneously, with no latency from the server on the other side of the request. And, as mentioned, the same web page might work in another browser or in Incognito mode.

Interestingly, the decision that that too much information is attempted to be transferred may come from your browser or from the remote server. Chrome (at least at one time in the past) could accommodate up to 250Kb of data for all headers combined. Individual headers, like the referer header, have individual limits as well. Referer, by way of example, is limited by Chrome to 4Kb. And then receiving web servers might have their own limits, but this error is request-based.

How To Fix A 431 Error

The good news is that a 431 is usually quite easy to fix. The most common causes of this error are:

  • A referer header that is too long (this is considered a security risk)
  • Too many cookies, which means too much data is attempted to be transferred

In my experience, the second issue is the more common of these and it’s more likely to be reported as a problem as it tends to happen with the most cookied users, which are those people are logging into (and often working on!) the site in question. This is also why the same page will be broken in one browser but possibly fine in another and then definitely will work when in Incognito, where there will be no cookies accrued.

So, as you can probably guess, the best way to fix a 431 is to open the webpage in Incognito mode as this will get the page working and won’t affect the cookies, which you’ll likely want to diagnose in order to see why you have so many.

A longer term fix will be to clear your browser cookies, with with the browser preferences and removing all cookies, or a cookie removal plugin, like Chrome’s EditThisCookie, in order to only remove one site’s cookies.

A true fix would be to debug your website and to start to see why so many cookies were being generated and which could be shortened or removed in order to get the site working again. This is often a pain because it’s likely coming from a scenario where you have multiple logged-in sections on a single domain and many cookies are being acquired. This can happen if you have 4 or 5 or 10 content management system on a single URL, with each living in a different directory and the cookie build-up on that domain is significant.

The good news about this multi-CMS scenario is that end users likely won’t be affected and only a small numbers of developers, product managers, etc. will ever see the problem. So while it might be annoying, it’s generally limited in scope.

Once identified you can explain to the subset of users that they simple need to use multiple browsers, or clear their cookies occasionally and the problem will be fixed. Of course you could have a single cookie that grew massively and cause this issue or something else less common, but the above will help fix the 431 for most common business scenarios.

November 4th, 2022

Posted In: Web Development

© 2022 | Privacy Policy | About | UTM Creator | CVE Reporting