WARN o.a.h.c.p.ResponseProcessCookies Invalid cookie header log
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Log message in Bitbucket logs showing Invalid cookie header in logs. This issue happens when a load balancer or other device adds the Expire to the cookie.
This article only shows how to suppress this log.
Environment
Bitbucket Data Center
Diagnosis
Here is an example log
2021-11-29 00:00:01,153 WARN [ssh-scm-request-handler] AAAAA *OUKIAGx0x3809195x4 1gos6hw 1.1.1.1 SSH - git-upload-pack '/test/test.git' o.a.h.c.p.ResponseProcessCookies Invalid cookie header: "Set-Cookie: AWSALBCORS=dq7DMIy//Z1uQVHS4vc/t59tqL5987uLsDDk3l3VNHQn3y7K3BSHSsCGAcnimpdLY+nvsfNoHBo72xzjG2ugm3xOZlGBhoiH3WGRgJjbpeXpQWIcVi9M/jJSfYpu; Expires=Mon, 06 JAN 2022 05:00:01 GMT; Path=/; SameSite=None; Secure". Invalid 'expires' attribute: Mon, 06 JAN 2022 05:00:01 GMT
Solution
This curl command can be used to immediately stop the logging. This does not survive restart.
curl -u <ADMIN_USERNAME> -v -X PUT -d "" -H "Content-Type: application/json" <BASE_URL>/rest/api/latest/logs/logger/org.apache.http.client.protocol.ResponseProcessCookies/ERRORTo stop the logging permanently, Configure Bitbucket Server Logging with the following change. This can be added somewhere near the "Other libraries and frameworks" section:
<!-- Turn off o.a.h.c.p.ResponseProcessCookies Invalid cookie header logs https://confluence.atlassian.com/display/BitbucketServerKB/WARN+o.a.h.c.p.ResponseProcessCookies+Invalid+cookie+header+log -->
<logger name="org.apache.http.client.protocol.ResponseProcessCookies" level="ERROR"/>Restart Bitbucket after making this change. It is recommend to confirm this logging has been removed at each upgrade.