We have upgraded spring boot version to 3.2.2 and we have observed that there are new cookies added and xsrf token size is also increased. Because of the size increase we got the issues with request header size. As alternative we have added below property in out application.properties
server.max-http-request-header-size=64KB
is there a way to suppress these cookies from request and response headers to decrease header size other than adding property in application properties?
list of new cookies added:
{
"name": "s_ecid",
"value": "MCMID%7C22987565713950551571426649978084410057",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-14T15:43:07.648Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_NFFRXNTCW0",
"value": "GS1.1.1690788553.1.0.1690788553.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-03T07:29:13.279Z",
"httpOnly": false,
"secure": false
},
{
"name": "_fbp",
"value": "fb.1.1690788565311.738056495",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-04-10T15:43:07.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "ELOQUA",
"value": "GUID=BFFE5EDD933A4975BA4A685FF0D82036",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-08-31T07:29:29.237Z",
"httpOnly": false,
"secure": false
},
{
"name": "_CEFT",
"value": "Q%3D%3D%3D",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-10T15:43:07.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Strict"
},
{
"name": "notice_preferences",
"value": "2:",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "notice_gdpr_prefs",
"value": "0,1,2:",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "cmapi_gtm_bl",
"value": "",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T04:39:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "cmapi_cookie_privacy",
"value": "permit 1,2,3",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "_psr",
"value": "ps.2.650beb32550c550000216ee2",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T12:40:12.010Z",
"httpOnly": false,
"secure": false
},
{
"name": "_hjSessionUser_1143700",
"value": "eyJpZCI6IjVmMTE0NGQwLWM3YmItNTE3Zi1hNjUzLTExZmE5M2U4M2ZlZSIsImNyZWF0ZWQiOjE2OTA3ODg1NTc4MzksImV4aXN0aW5nIjp0cnVlfQ==",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-10T15:43:07.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "_ga_XGPHRMCF98",
"value": "GS1.1.1697695647.5.0.1697695647.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-11-22T06:07:27.982Z",
"httpOnly": false,
"secure": false
},
{
"name": "_gcl_au",
"value": "1.1.1864192195.1698733962",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-01-29T06:32:42.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "__ncuid",
"value": "1529b48b-bd62-4002-8ca9-9b6a29575325",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-10-30T06:32:43.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "ajs_user_id",
"value": "18ccb67ea2ecce16450b2babb5ec693593cf63cf",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-04T12:22:52.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "ajs_anonymous_id",
"value": "65ab6dfa-a9ad-4659-8301-3c6d2127e4d0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-04T12:22:52.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "_uetvid",
"value": "fc3817202f7311eea54e591d2709b08c",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-04T15:43:07.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ce.s",
"value": "v~9fa51fb4905691628edb4cefa8e0661afac5302c~lcw~1705038918013~vpv~4~lva~1704987661194~v11.cs~400174~v11.s~2d0ee7c0-99a1-11ee-b388-e3b29a5f7a8b~v11.sla~1704987972599~v11.send~1705038917667~gtrk.la~lra85d4e~lcw~1705038918062",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-11T05:55:18.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Strict"
},
{
"name": "_ga_K3HMPCCMCB",
"value": "GS1.1.1705038918.2.0.1705038918.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-15T05:55:18.244Z",
"httpOnly": false,
"secure": false
},
{
"name": "AMCV_90FF097853513F650A490D4C%40AdobeOrg",
"value": "-1124106680%7CMCIDTS%7C19739%7CMCMID%7C22987565713950551571426649978084410057%7CMCAAMLH-1706002902%7C3%7CMCAAMB-1706002902%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1705405302s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-19T09:41:42.644Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_FRBQPVFZSP",
"value": "GS1.1.1705398109.23.1.1705406720.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-19T12:05:20.323Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga",
"value": "GA1.1.453289425.1690788553",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T15:05:37.563Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_YR2096LTFZ",
"value": "GS1.1.1705676699.71.1.1705677162.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T15:12:42.420Z",
"httpOnly": false,
"secure": false
},
[Wednesday 4:01 PM] Bochare, Rupali
{
"name": "s_ecid",
"value": "MCMID%7C22987565713950551571426649978084410057",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-14T15:43:07.648Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_NFFRXNTCW0",
"value": "GS1.1.1690788553.1.0.1690788553.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-03T07:29:13.279Z",
"httpOnly": false,
"secure": false
},
{
"name": "_fbp",
"value": "fb.1.1690788565311.738056495",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-04-10T15:43:07.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "ELOQUA",
"value": "GUID=BFFE5EDD933A4975BA4A685FF0D82036",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-08-31T07:29:29.237Z",
"httpOnly": false,
"secure": false
},
{
"name": "_CEFT",
"value": "Q%3D%3D%3D",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-10T15:43:07.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Strict"
},
{
"name": "notice_preferences",
"value": "2:",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "notice_gdpr_prefs",
"value": "0,1,2:",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "cmapi_gtm_bl",
"value": "",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T04:39:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "cmapi_cookie_privacy",
"value": "permit 1,2,3",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-09-14T10:09:28.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "_psr",
"value": "ps.2.650beb32550c550000216ee2",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T12:40:12.010Z",
"httpOnly": false,
"secure": false
},
{
"name": "_hjSessionUser_1143700",
"value": "eyJpZCI6IjVmMTE0NGQwLWM3YmItNTE3Zi1hNjUzLTExZmE5M2U4M2ZlZSIsImNyZWF0ZWQiOjE2OTA3ODg1NTc4MzksImV4aXN0aW5nIjp0cnVlfQ==",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-10T15:43:07.000Z",
"httpOnly": false,
"secure": true,
"sameSite": "None"
},
{
"name": "_ga_XGPHRMCF98",
"value": "GS1.1.1697695647.5.0.1697695647.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-11-22T06:07:27.982Z",
"httpOnly": false,
"secure": false
},
{
"name": "_gcl_au",
"value": "1.1.1864192195.1698733962",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-01-29T06:32:42.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "__ncuid",
"value": "1529b48b-bd62-4002-8ca9-9b6a29575325",
"path": "/",
"domain": ".bmc.com",
"expires": "2024-10-30T06:32:43.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "ajs_user_id",
"value": "18ccb67ea2ecce16450b2babb5ec693593cf63cf",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-04T12:22:52.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "ajs_anonymous_id",
"value": "65ab6dfa-a9ad-4659-8301-3c6d2127e4d0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-04T12:22:52.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Lax"
},
{
"name": "_uetvid",
"value": "fc3817202f7311eea54e591d2709b08c",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-04T15:43:07.000Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ce.s",
"value": "v~9fa51fb4905691628edb4cefa8e0661afac5302c~lcw~1705038918013~vpv~4~lva~1704987661194~v11.cs~400174~v11.s~2d0ee7c0-99a1-11ee-b388-e3b29a5f7a8b~v11.sla~1704987972599~v11.send~1705038917667~gtrk.la~lra85d4e~lcw~1705038918062",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-01-11T05:55:18.000Z",
"httpOnly": false,
"secure": false,
"sameSite": "Strict"
},
{
"name": "_ga_K3HMPCCMCB",
"value": "GS1.1.1705038918.2.0.1705038918.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-15T05:55:18.244Z",
"httpOnly": false,
"secure": false
},
{
"name": "AMCV_90FF097853513F650A490D4C%40AdobeOrg",
"value": "-1124106680%7CMCIDTS%7C19739%7CMCMID%7C22987565713950551571426649978084410057%7CMCAAMLH-1706002902%7C3%7CMCAAMB-1706002902%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1705405302s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-19T09:41:42.644Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_FRBQPVFZSP",
"value": "GS1.1.1705398109.23.1.1705406720.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-19T12:05:20.323Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga",
"value": "GA1.1.453289425.1690788553",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T15:05:37.563Z",
"httpOnly": false,
"secure": false
},
{
"name": "_ga_YR2096LTFZ",
"value": "GS1.1.1705676699.71.1.1705677162.0.0.0",
"path": "/",
"domain": ".bmc.com",
"expires": "2025-02-22T15:12:42.420Z",
"httpOnly": false,
"secure": false
}
Comment From: bclozel
I don't think Spring is involved here. It seems those cookies are related to Google Analytics, Atlassian Jira and other products. I'm closing this issue as a result.
We can reopen this issue if you can provide a minimal sample application that shows those cookies being added by Spring.