pwa-kit icon indicating copy to clipboard operation
pwa-kit copied to clipboard

Published 20 hours ago verified publisher icon SalesforceCommerceCloud

[BUG] 502 Bad Gateway when sending request to SCAPI

Open ast-mmitsakh opened this issue 2 years ago • 2 comments

Summary

When application sends request, for example, to https://{envID}.mobify-storefront.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/{orgID}/customers?siteId={siteID}, 502 Bad Gateway (HTML response) received instead of 400 (JSON response). This probably happens because the cookie size exceeds the limit (please notice the token cookie present).

Steps To Reproduce

(Hybrid solution that uses cookies, possibly relates to this feature - link)

Try to register the customer with an invalid email address

OR

cURL

curl 'https://pwa-kit.mobify-storefront.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_zzrf_001/customers?siteId=RefArchGlobal' \ -H 'authority: pwa-kit.mobify-storefront.com' \ -H 'accept: */*' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer {BEARER_TOKEN}' \ -H 'cache-control: no-cache' \ -H 'cookie: oid=f_ecom_zzrf_001; usid=1a75930c-5544-4c7b-ab4d-1baf9f8ab81f; cid=abkuc1lrIXkekRlrsYlaYYwXBG; __cq_dnt=1; dw_dnt=1; dwanonymous_b5d8a8e2b741ecb26e2f400a02c69ec5=abkuc1lrIXkekRlrsYlaYYwXBG; token=Bearer%20ey{BEARER_TOKEN}; cc-nx-g=uY5XxvkapEIBojobDMSV0HdquFy8Sbq0kbqXTpWMgnI; dwsid=-J97Xy1NEodXBHEaF8y558J3_mxhRL8TzufsmbsnUD9ltB4oVeLivZFWNULSK34S8RnXIak0mkJYbE25oWY8sg==' \ -H 'content-type: application/json' \ -H 'origin: https://pwa-kit.mobify-storefront.com' \ -H 'pragma: no-cache' \ -H 'sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'sec-ch-ua-platform: "Windows"' \ -H 'sec-fetch-dest: empty' \ -H 'sec-fetch-mode: cors' \ -H 'sec-fetch-site: same-origin' \ -H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36' \ --data-raw '{"customer":{"firstName":"sdfsdfsd","lastName":"sdfsdfsdf","email":"[email protected]","login":"[email protected]"},"password":"3rsdfsdfE#"}' \ --compressed

Expected result

Response with 400 code & JSON containing "Invalid Email" message

Actual result

502 Bad Gateway HTML Response

System Information (as applicable)

Browser: Version 104.0.5112.102 (Official Build) (64-bit) (although doesn't matter actually) Node version: v14.18.0 pwa-kit version: 2.0.0 Desktop OS: Windows Mobile Device Info: -

Additional information

This may be important: if I try to register a customer with a valid email address (although all request data stays the same), the correct 200 response is returned and the customer becomes logged in.

ast-mmitsakh avatar Sep 02 '22 09:09 ast-mmitsakh

Hey @ast-mmitsakh ! Thanks for raising the issue!

I recently encountered this issue as well, SCAPI rejects the requests when you have an enormous cookie header.

The solution is to move access token from cookie to localstorage. This will be fixed in the retail react app template soon.

I'll keep this issue open for visibility until it is fixed.

kevinxh avatar Sep 06 '22 19:09 kevinxh

@kevinxh Thank you for the update!

ghost avatar Sep 07 '22 07:09 ghost

Cookies no longer are included in the encoded jwt as we no longer implicitly send them via commerce-sdk-isomorphic as of 1.10.1. Earlier versions used xmlHttpRequest which implicitly sent cookies in request headers, which would ultimately end up encoded int he jwt. As of version pwa kti 2.7.1 the project is using [email protected] so this should be fixed

bfeister avatar May 12 '23 12:05 bfeister