Invalid Accept-Language header will crash the server #22329
Assignees
Milestone
Comments
This comment has been minimized.
This comment has been minimized.
1 similar comment
This comment has been minimized.
This comment has been minimized.
|
I've encountered a similar crash in production (Next.js 10.2), although with a bit different stack trace: Is there a workaround for the issue? |
|
A restart event occurred with NextJS running in Docker. Docker logs are as follows: |
|
Hi guys, any news regarding this bug? |
|
Hi. Actually, I think it is necessary to catch the exception and handle the error inside Next.js. |
|
I also see this exception, triggered by this code: const params = part.split(';');
if (params.length > 2) {
throw Boom.badRequest(`Invalid ${options.type} header`);
}It's a shame that the error message doesn't include the actual value of the header, would help me debug what's causing it. I suspect a broken browser which sends an invalid Accept-Language header… |
|
I find if we set i18n.localeDetection = false, ignore next.js/packages/next/next-server/server/next-server.ts Lines 430 to 433 in 3b76d33 |
Based on the regularity that it was happening and that i multiple pods would tend to crash at the same time it was my assumption that it was some kind of bot that was causing it. But i totally agree that it would be nice the get the actual content logged.
This is the stop gap i have ended up with until there is a proper fix, its not ideal but its better than getting repeated crashes and it at least allows for manual language selection. |
timneutkens
added
kind: bug
and removed
bug
8 tasks
kodiakhq bot
pushed a commit
that referenced
this issue
Jun 22, 2021
Fixes #22329 ## Bug - [x] Related issues linked using fixes #22329 - [x] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes
flybayer
pushed a commit
to blitz-js/next.js
that referenced
this issue
Jun 24, 2021
Fixes vercel#22329 ## Bug - [x] Related issues linked using fixes vercel#22329 - [x] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes
leimonio
added a commit
to leimonio/next.js
that referenced
this issue
Jul 6, 2021
* [WIP] Add cms notion integration example - index page * Add cover images for pages * Add post page * Remove preview functionality * Add module.exports to security headers documentation (vercel#26466) Without `module.exports`, the provided code won't work if just pasted into `next.config.js` ## Documentation / Examples - [x] Make sure the linting passes * fix: ignore invalid accept-language header (vercel#26476) Fixes vercel#22329 ## Bug - [x] Related issues linked using fixes vercel#22329 - [x] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes * chore: Add Alex to lint documentation (vercel#26354) This Pull Request adds [Alex](https://alexjs.com/) to our documentation. It catches insensitive, inconsiderate writing. The original PR (vercel#25821) is too large so I have decided to break it down into smaller PRs. This PR is the first part. Then I will continue to add the rest of the documentation in smaller PRs. ## More Information on Alex: https://alexjs.com/ https://github.com/get-alex/alex ## Documentation / Examples - [x] Make sure the linting passes * Fix domain locales not available on client (vercel#26083) * bug: Fix domain locales not available on client * Add test case * update tests Co-authored-by: JJ Kasper <jj@jjsweb.site> * Update to only add image import types when enabled (vercel#26485) * Update to only add image import types when enabled * add type check to test * Update i18n fields in docs (vercel#26492) Closes: vercel#24991 ## Documentation / Examples - [x] Make sure the linting passes * v11.0.1-canary.7 * Strongly type `Router.events.on` and `Router.events.off` (vercel#26456) This strongly types `Router.events.on` and `Router.events.off`. Previously the event type was `string` but now it's `'routeChangeStart' | 'beforeHistoryChange' | 'routeChangeComplete' | 'routeChangeError' | 'hashChangeStart' | 'hashChangeComplete'` ## Bug - ~[ ] Related issues linked using `fixes #number`~ - [x] Integration tests added Closes vercel#25679 Closes vercel#23753 Closes vercel#15497 * Update next Link & Image components * Ensure image-types file is included (vercel#26495) * Update react & react-dom to v17 * Update tailwind to use jit * v11.0.1-canary.8 * v11.0.1 * Don't test image domains in test env (vercel#26502) fixes vercel#21549 Co-authored-by: JJ Kasper <jj@jjsweb.site> * docs: updated minimum Node.js version (vercel#26528) ## Documentation / Examples - [x] Make sure the linting passes According to new requirements in `package.json` minimum Node.js version for now is 12.0 * Update next-env note in docs (vercel#26536) This ensures we don't recommend editing the `next-env` file since we need to be able to tweak it to accept future types we add in Next.js ## Documentation / Examples - [x] Make sure the linting passes Closes: vercel#26533 * [examples] Fix ssr-caching example. (vercel#26540) Closes vercel#12019 with a better example of proper SSR caching. * Fix props not updating when changing the locale and keeping hash (vercel#26205) Currently, there is only a `hashChangeStart` and subsequent `hashChangeComplete` event and no props update (which would be used to get translations, etc.). Happy for any feedback fixes vercel#23467 ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes * Add note about adding additional types (vercel#26545) * Add note about adding additional types * Update to bold edit also * Apply suggestions from code review Co-authored-by: Steven <steven@ceriously.com> * Allow user to override next-image-loader (vercel#26548) In PR vercel#26281, we solved one use case but broke another. This PR will allow the user to [override the built-in loader](vercel#26281 (comment)) via custom webpack config. * v11.0.2-canary.0 * chore: Enable Alex documentation linting for error pages (vercel#26526) * Update SWR example to include fetcher function. (vercel#26520) * Previous example doesn't work * Apply suggestions from code review * Update docs/basic-features/data-fetching.md * lint-fix Co-authored-by: Lee Robinson <me@leerob.io> Co-authored-by: JJ Kasper <jj@jjsweb.site> * tailwind examps upgraded to v2.2 (vercel#26549) ## Documentation / Examples - [x] Make sure the linting passes * doc: prettify docs for next script (vercel#26572) x-ref: vercel#26518 (comment) ## Documentation / Examples - [x] Make sure the linting passes * Add logging when a custom babelrc is loaded (vercel#26570) Partially solves vercel#26539 by adding back the log output when a config file is used ## Bug - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes * Add comment to not edit in next-env file (vercel#26573) This adds a comment to the generated `next-env.d.ts` to mention it should not be edited pointing to the documentation which contains an example of adding custom types separately. x-ref: vercel#26560 ## Documentation / Examples - [x] Make sure the linting passes * Separate node polyfill test from basic suite (vercel#26550) * Separate node polyfill test from basic suite * update test * fix with-loading example for next 11 (vercel#26569) ## Documentation / Examples - [X] Make sure the linting passes This PR updates the with-loading example to follow the documentation of router events for next 11 * v11.0.2-canary.1 * Add trace url on bootup (vercel#26594) * Add trace url on bootup * Update whitelist -> accesslist * Add name to webpack-invalidated * v11.0.2-canary.2 * Add check for ObjectExpression when iterating on <link> tags for font optimization (vercel#26608) Fixes vercel#26547 ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes * Enable Alex documentation linting for docs (vercel#26598) * Add link to live demo already hosted (vercel#25718) * Add link to live demo already hosted To make it easier for people to simply see the live example without having to deploy a whole new project * update link Co-authored-by: JJ Kasper <jj@jjsweb.site> * Update next/image docs for relative parent with layout=fill. (vercel#26615) vercel#18739 (reply in thread) * Fix GSP redirect cache error (vercel#26627) This makes sure we don't attempt flushing cache info to disk for `getStaticProps` `redirect` items with `revalidate` Fixes: vercel#20816 ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added * Correct statusCode when visiting _error directly (vercel#26610) This fixes non-stop reloading when visiting `_error` directly in development caused by the `statusCode` being 200 unexpectedly while HMR returns the page as `invalid` which triggers `on-demand-entries` to reload the page. ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added Fixes: vercel#8036 x-ref: vercel#8033 * fix: next dynamic with jest (vercel#26614) Fixes vercel#19862 Avoid executing `webpack` property on `loadableGenerated` of loadable component compiled from `next/dynamic` when `require.resolveWeak` is unavailable due to jest runtime missing `require.resolveWeak`. ## Bug - [x] Related issues linked using `fixes #number` - [x] unit tests added * Ensure API routes are not available under the locale (vercel#26629) This ensures API routes are not available under the locale path since API routes don't need to be localized and we don't provide the locale to the API in any way currently so the user wouldn't be aware if the localized API route was visited instead of the non-localized. Fixes: vercel#25790 ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added * v11.0.2-canary.3 * Fix image content type octet stream 400 (vercel#26705) Fixes vercel#23523 by adding image content type detection ## Bug - [x] Related issues linked using `fixes #number` - [x] Integration tests added * Update layouts example to persist state across client-side transitions. (vercel#26706) * Update layouts example * Update examples/layout-component/components/layout.js Co-authored-by: JJ Kasper <jj@jjsweb.site> * Fix typo on "occured" to "occurred" (vercel#26709) * fix: typo occured -> occurred * fix: typo occured -> occurred * fix: typo occured -> occurred * fix: typo occured -> occurred * lint-fix Co-authored-by: JJ Kasper <jj@jjsweb.site> * [ESLint] Adds --max-warnings flag to `next lint` (vercel#26697) Adds `--max-warnings` flag to `next lint` to enable setting of a maximum warning threshold. Fixes vercel#26671 * update with-redux-toolkit-typescript (vercel#26714) ## Bug - [X] Related issues linked using `fixes vercel#26713 ` ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [X] Make sure the linting passes ## Screenshots After this small change the warning disappears.  * Simplify `next-dev-server` implementation (vercel#26230) `next-dev-server` having its own implementations of `renderToHTML` and `renderErrorToHTML` has historically made reasoning about streaming hard, as it adds additional places where status codes are explicitly set and the full HTML is blocked on. Instead, this PR simplifies things considerably by moving the majority of the custom logic for e.g. hot reloading and on-demand compilation to when we're resolving the page to be loaded, rather than upfront when handling the request. It also cleans up a few other details (e.g. default error page rendering) that managed to creep into the base implementation over time. One unfortunate side effect is that this makes compilation errors slightly more difficult. Previously, we'd render them directly. Now, we have to rethrow them. But since they've already been logged (by the watch pipeline), we have to make sure they don't get logged again. * Update PR labeler action * Simplify stats action (vercel#26751) * Move code shared between server/client to "shared" folder (vercel#26734) * Move next-server directory files to server directory (vercel#26756) * Move next-server directory files to server directory * Update tests * Update paths in other places * Support new hydrate API in latest react 18 alpha release (vercel#26664) * fix: react 18 new hydration API * support react 18 * compat latest react only, fix resolved version * fix tests * Some changes based on reactwg/react-18#5 * fix test Co-authored-by: Tim Neutkens <timneutkens@me.com> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> * Disable build-output size specific tests (vercel#26769) * Disable build-output size specific tests * remove size-limit test * lint-fix * Add upstream `max-age` to optimized image (vercel#26739) This solves the main use case from Issue vercel#19914. Previously, we would set the `Cache-Control` header to a constant and rely on the server cache. This would mean the browser would always request the image and the server could response with 304 Not Modified to omit the response body. This PR changes the behavior such that the `max-age` will propagate from the upstream server to the Next.js Image Optimization Server and allow browser caching. ("upstream" meaning external server or just an internal route to an image) This PR does not change the `max-age` for static imports which will remain `public, max-age=315360000, immutable`. #### Pros: - Fewer HTTP requests after initial browser visit - User configurable `max-age` via the upstream image `Cache-Control` header #### Cons: - ~~Might be annoying for `next dev` when modifying a source image~~ (solved: use `max-age=0` for dev) - Might cause browser to cache longer than expected (up to 2x longer than the server cache if requested in the last second before expiration) ## Bug - [x] Related issues linked using `fixes #number` * Fix blurred image position when using objectPosition (vercel#26590) ## Bug fixes vercel#26309 ## Documentation / Examples see vercel#26309 - [ ] Make sure the linting passes * Update azure tests (vercel#26779) * Stabilize relay-analytics test (vercel#26782) * Leverage blocked page for _error (vercel#26748) ## Enhance simplify detection for visiting `_error` x-ref: vercel#26610 * Update codeowners to add new maintainers (vercel#26770) * examples: fix typo `lunix` → `linux` (vercel#26796) ## Bug - [ ] ~~Related issues linked using `fixes #number`~~ - [ ] ~~Integration tests added~~ ## Feature - [ ] ~~Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR.~~ - [ ] ~~Related issues linked using `fixes #number`~~ - [ ] ~~Integration tests added~~ - [ ] ~~Documentation added~~ - [ ] ~~Telemetry added. In case of a feature if it's used or not.~~ ## Documentation / Examples - [x] Make sure the linting passes * Update repo scripts to separate folder (vercel#26787) * fix: detect loop in client error page (vercel#26567) Co-authored-by: Tobias Koppers <tobias.koppers@googlemail.com> Co-authored-by: Tim Neutkens <tim@timneutkens.nl> * Update snapshot for font-optimization test (vercel#26823) This fixes the `font-optimization` test failing from the links/content changing slightly in the snapshot. ## Bug - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes * Add `onLoadingComplete()` prop to Image component (vercel#26824) This adds a new prop, `onLoadingComplete()`, to handle the most common use case of `ref`. I also added docs and a warning when using `ref` so we recommend the new prop instead. - Fixes vercel#18398 - Fixes vercel#22482 * Add "Vary: Accept" header to /_next/image responses (vercel#26788) This pull request adds "Vary: Accept" header to responses from the image optimizer (i.e. the /_next/image endpoint). The image optimizer prefers re-encoding JPG files to WebP, but some browsers (such as Safari 14 on Catalina) do not yet support WebP. In such cases the optimizer uses the Accept header sent by the browser to send out a JPG response. Thus the optimizer's response may depend on the Accept header. Potential caching proxies can be informed of this fact by adding "Vary: Accept" to the response headers. Otherwise WebP data may be served to browsers that do not support it, for example in the following scenario: * A browser that supports WebP requests the JPG. The optimizer re-encodes it to WebP. The proxy caches the WebP data. * After this another browser that doesn't support WebP requests the JPG. The proxy sends the WebP data to the browser. - [x] Integration tests added - [x] Make sure the linting passes * Fix using-preact example deps (vercel#26821) Fix after vercel#26133 * Add additional tests for image type detection (vercel#26832) Adding additional tests. Follow up to vercel#26705 * Fix immutable header for image with static import & unoptimized (vercel#26836) Fixes vercel#26587 * Update `publish-canary` script to include checkout (vercel#26840) * Update `publish-canary` script to include checkout * Update contrib with publishing section * v11.0.2-canary.4 * Make sure 404 pages do not get cached by a CDN when using next start (vercel#24983) Co-authored-by: Jiachi Liu <inbox@huozhi.im> Co-authored-by: JJ Kasper <jj@jjsweb.site> * Update to environment-variable.md (vercel#26863) ## Bug - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [x] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. ## Documentation / Examples - [ ] Make sure the linting passes ## Why the change I lost quite a few hours figuring out why my environment variable was `undefined` in the browser. I read about the built-in support and was like: "Oh nice" and didn't read much further. I missed the part about how you need to prefix your variables with `NEXT_PUBLIC_` in order to expose them to the browser. I think a hint to this in the anchor link to that section will make it more discoverable as it's then mentioned near the top and will save people who are like me some time and a headache. * Don't emit duplicate image files (vercel#26843) fixes vercel#26607 This change makes it so the image loader plugin only emits a file while processing an image import for the client. The final generated image URL was already the same in SSR and CSR anyway, so this change doesn't have any functional impact. I also changed the name of the static page in the image component tests, since it was causing some conflicts with the static assets folder. * Add instructions on how to add nextjs.org/docs/messages urls (vercel#26865) Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> * Rename example folder to with-notion * Update references of example * Reorder docs manifest and rename to Script Optimization. (vercel#26874) So there's _conformance_ between the other docs / optimizations. * Fix typo on "occured" to "occurred" (vercel#26876) - Fix typo on "occured" to "occurred" * Update README Co-authored-by: Sam Robbins <samrobbinsgb@gmail.com> Co-authored-by: Jiachi Liu <inbox@huozhi.im> Co-authored-by: Peter Mekhaeil <4616064+petermekhaeil@users.noreply.github.com> Co-authored-by: Rob Vermeer <rob@vermeertech.nl> Co-authored-by: JJ Kasper <jj@jjsweb.site> Co-authored-by: Brandon Bayer <b@bayer.ws> Co-authored-by: Alex Castle <atcastle@gmail.com> Co-authored-by: Vitaly Baev <ping@baev.dev> Co-authored-by: Lee Robinson <me@leerob.io> Co-authored-by: destruc7i0n <6181960+destruc7i0n@users.noreply.github.com> Co-authored-by: Steven <steven@ceriously.com> Co-authored-by: Joshua Byrd <phocks@gmail.com> Co-authored-by: Pranav P <pranavkp.me@outlook.com> Co-authored-by: Tim Neutkens <tim@timneutkens.nl> Co-authored-by: John <john@rackles.io> Co-authored-by: Tim Neutkens <timneutkens@me.com> Co-authored-by: Vadorequest <ambroise.dhenain@gmail.com> Co-authored-by: hiro <hiro0218@gmail.com> Co-authored-by: Houssein Djirdeh <houssein@google.com> Co-authored-by: Soham Shah <47717492+sohamsshah@users.noreply.github.com> Co-authored-by: Gerald Monaco <gbmonaco@google.com> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> Co-authored-by: Nils Schönwald <nils@schoen.world> Co-authored-by: D. Kasi Pavan Kumar <44864604+kasipavankumar@users.noreply.github.com> Co-authored-by: Tobias Koppers <tobias.koppers@googlemail.com> Co-authored-by: Joachim Viide <jviide@iki.fi> Co-authored-by: Artur Sedlukha <sedlukha@icloud.com> Co-authored-by: Paul van den Dool <paulvddool@msn.com> Co-authored-by: hiro <hiroyuki.kikuchi@zozo.com>
|
This issue has been automatically locked due to no recent activity. If you are running into a similar issue, please create a new issue with the steps to reproduce. Thank you. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What version of Next.js are you using?
10.0.7
What version of Node.js are you using?
15.6.0
What browser are you using?
N/A
What operating system are you using?
Docker: node:15.6.0-alpine3.11
How are you deploying your application?
next start
Describe the Bug
If the server receives a request with an invalid Acceot-Language header it crashes due to an un caught exception
Expected Behavior
It not to crash
To Reproduce
curl https://my.next-project.com -H 'Accept-Language: ldfir;'The error will also happen with the dev server
next devbut the server doesnt actually crash in that caseThe text was updated successfully, but these errors were encountered: