As a workaround, reverting the changes to htdocs/auth/session.php corrects the problem:
git checkout 55a8deb8cb~ -- htdocs/auth/session.php This will cause the ajax status bar to not load properly, and it will cause the ajax block loader to load blocks in serial instead of in parallel, but otherwise it causes no problems. You can disable the ajax block loader by adding "$cfg->ajaxifyblocks = false;" to your config.php file, which will turn off the ajax block loader and prevent that problem. So far I have only noticed this problem popping up while doing an mnet connection, and only on our proxied hosting cluster (not on my local machine). It's possible that MNet sets a lot of session values, thus causing the problem to be worse than normal. It's also possible that our hosting cluster has tighter response header limitations than my local machine. However, the potential exists for this to cause problems in other areas and other hosting setups as well, so I've marked it "Critical". -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1446036 Title: Session changes in Mahara 15.04 can cause excessively large response headers Status in Mahara ePortfolio: Confirmed Status in Mahara 15.04 series: Confirmed Status in Mahara 15.10 series: Confirmed Bug description: For the new Ajax progress bar, Bug 1352028, we changed htdocs/auth/session.php so that it closes the PHP session when not in use. This was necessary in order to allow multiple requests to the same session to process simultaneously; PHP by default locks the session between the time you call session_start() and session_write_close(). The downside to this approach, though, is that every time you call session_start(), PHP adds a new (duplicate) PHP_SESS_ID cookie to the request header. Since we open and close the session every time we call $SESSION->set() now, this can lead to a very large cookie header. On our hosting environment, these headers got too large and started causing our Nginx proxy server to throw errors while trying to initiate an MNet connection. This causes the proxy server to throw a 500 error, and to log an error like this: 2015/04/20 14:59:03 [error] 14845#0: *137093286 upstream sent too big header while reading response header from upstream, client: 2404:130:0:1000:61f4:7e47:8a26:821, server: master- mahara.catalystdemo.net.nz, request: "GET /auth/xmlrpc/land.php?token=3acfeeb7cad9814471ec5932fc293b30bbc7e387&idp=http ://mnet-moodle.testing.elearning.catalyst.net.nz&wantsurl= HTTP/1.1", upstream: "http://202.78.243.12:9226/auth/xmlrpc/land.php?token=3acfeeb7cad9814471ec5932fc293b30bbc7e387&idp=http ://mnet-moodle.testing.elearning.catalyst.net.nz&wantsurl=", host: "master-mahara.catalystdemo.net.nz" To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1446036/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : mahara-contributors@lists.launchpad.net Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp