503 when setting cookie via RewriteRule

[Xoogu]

I'm having a weird issue when if I set a cookie in .htaccess, e.g.

RewriteRule .* - [CO=hi:bye]

and request a .php page I will get a 503 error.

To debug the issue, the .htaccess file contains only the above line and 'RewriteEngine On' (also tried without that and lots of variations, restarting lsws after each change).
The php page contains only the text 'Loaded', no PHP code.
Have tried with both lsphp74 and lsphp82.
Without the RewriteRule setting the cookie, the page will load no problem.
Loading a .txt file rather than .php there are no problems.

In the stderr log I see the following:

  2023-07-12 07:00:29.798 [STDERR] [UID:65534][1239] Bad request header - ERROR#2
  [UID:65534][1239] ParseRequest error
  2023-07-12 07:00:29.798 [STDERR] [UID:65534][1240] Bad request header - ERROR#2
  [UID:65534][1240] ParseRequest error
  2023-07-12 07:00:29.799 [STDERR] [UID:65534][1241] Bad request header - ERROR#2
  2023-07-12 07:00:29.799 [STDERR] [UID:65534][1241] ParseRequest error

Setting debug to the max on the logs, I can see the rewrite rules do process okay, but then the PHP connection fails several times before LiteSpeed gives up and sends a 503:

2023-07-12 18:58:37.803611 [DEBUG] [3745] [192.168.2.101:54423:HTTP2-1#domain.com:lsapi] Connection to [uds://tmp/lshttpd/domain.comphp82.sock] on request #0, confirmed 0, error: Connection reset by peer!

I'm running OpenLiteSpeed 1.7.17. Our actual server runs the non-open LiteSpeed and the same .htaccess rules to set cookies work fine there.

Anyone have any ideas what the problem might be or steps to debug further?

 

[Cold-Egg]

Maybe the rule you tried is not completed, the following rule works on my test server.

RewriteRule .* - [CO=mycookiename:mycookievalue:.example.com:0:/] [L]

 

[Xoogu]

Maybe the rule you tried is not completed, the following rule works on my test server.

RewriteRule .* - [CO=mycookiename:mycookievalue:.example.com:0:/] [L]

Thanks, I'm pretty sure I had tried that variation before, but tried it again just now to be sure, and I still get a 503. I do get the set cookie header as part of the response.

The lsphp builds I'm using are:

lsphp74:
  Installed: 7.4.30-1+jammy
  Candidate: 7.4.30-1+jammy
  Version table:
 *** 7.4.30-1+jammy 500
        500 http://rpms.litespeedtech.com/debian jammy/main amd64 Packages
        100 /var/lib/dpkg/status
        
lsphp82:
  Installed: 8.2.7-1+jammy
  Candidate: 8.2.7-1+jammy
  Version table:
 *** 8.2.7-1+jammy 500
        500 http://rpms.litespeedtech.com/debian jammy/main amd64 Packages
        100 /var/lib/dpkg/status

 

[Cold-Egg]

May I know if you have the web server restarted after updating the rewrite rule?

 

[Xoogu]

May I know if you have the web server restarted after updating the rewrite rule?

Yes, I'm doing a restart after each change.

 

[Cold-Egg]

Ok, please send the issue to support@litespeedtech.com with this forum post link for further check.

 

[LiteCache]

@Xoogu

A cookie cannot be set by rewriteRule. A cookie is sent as header, so you must use the OLS way to set a custom header (cookie)

Header add Set-Cookie "mycookiename=mycookievalue; path=/; secure;SameSite=None"