alpha6572's avatar

Problem with cookies after deployment into shared host

Hi everyone

After deploying my first laravel web application into a shared host i ran into problem with cookies . when i try to logging i ran into "419 Page Expired" error . so i changed my session drive from "file" to "database" and created related table , but problem persists. I inspected session table carefully and found out application create new token on each refresh (but same app have constant token on my localhost) . i also check browser side and realized there is no cookie saved related to my remote site (i do have cookie from my localhost) . SSL certificate is not set yet on my remote site and i'm waiting for service provider to set it .so chrome marks my site as "not secure" . I'm wondering if is it somehow related to SSL certificate ?

FYI : i also cleared cache and generate new key manually (since i don't have SSH access) .

0 likes
14 replies
Snapey's avatar
Snapey
6 years ago
Best Answer
Level 122

This is a problem I have seen a few times, and is usually when using apache.

If there are any stray characters or new lines before the opening <?php in any of the files that get executed then those characters are emitted by the web server before cookies are prepared and sent.

This blocks cookies from being send to the client, and the client has to start a new session on every request.

Unfortunately, the only solution is to look at every file you have created or modified (not too bad if you use Git) and ensure that <?php are the first characters in every php file.

You can ignore view files because they are not used until after the cookies are sent.

Most likely candidates are controllers, service providers and route files.

10 likes
Bossino's avatar

Sir, it is also necessary to end the file ?>?

cesar4rroyo's avatar

Thank you Sir, that solve my problem, i was all the day trying to find the solution

1 like
Deuti's avatar

@Snapey I check every controllers,route and providers. all are right and even i clear cache,route ,view and update composer only. eventhough i am facing a problem of 419 error . what should i do

JussiMannisto's avatar

@Deuti what are you doing when you get the 419? Are you sending a post request? If so, are you including a csrf token in the request?

I recommend that you start a separate thread where you explain your issue in more detail.

1 like
logudotcom's avatar

@Snapey Thanks for your input and i had the same problem and this solution was resolved .. in my route, there was extra space left i.e. <?php

1 like
alpha6572's avatar

You were right Snapey ! thanks a lot ! I searched "<?php" in my project and it was a problem with my custom helper . i never thought a useless enter can cost me 3 days to debug !

alpha6572's avatar

Good to mention that my web server is LiteSpeed .

Snapey's avatar

Local is Litespeed or on shared host?

I ask because this problem is confusing to people because it may work locally fine (if using nginx or artisan serve for instance)

1 like
alpha6572's avatar

artisan serve on local and my shared host is Litespeed

sanjayrnath's avatar

Facing the same issue. It happens only one time when submitting a post request I was getting 419 error. then I checked the sessions table and I can see the first time I open the link a session data is added. Then when I submit the post request another session is generated. Hence causing 419 errors. This won't happen after this using the same incognito window. This issue is driving me crazy for many days. I am also getting "Redirecting to {page_link}" when I submit some requests don't know if this is related to the session. I had checked for spaces at the beginning of all PHP files and tried a lot of debugging. If anybody can help on this issue would be a great help. @snapey

sanjayrnath's avatar

The only way I could solve this is to call a dummy Ajax POST function on page load so that the function return 419, 2 sessions get created and the website works normally without any 419 pages. This is a half measure. But unable to find and clear the root cause of this.

Please or to participate in this conversation.