andrewlock
commented
1 year ago This immediately made me think of this: https://andrewlock.net/fixing-nginx-upstream-sent-too-big-header-error-when-running-an-ingress-controller-in-kubernetes/
Basically, having headers that are too big can be a problem. Unfortunately, there's not a one-size-fits-all solution.
Afaik, the best option may be to try to consolidate some of your CSP directives. For example, instead of setting both script-src and style-erc, just use default-src instead; things like that.
Not great, I know, but other options to increase buffers etc may end up giving you issues down the line, so my first go-to would be to do this.
If that's not possible, looking into increasing buffer/header sizes may work. Either way I don't think there's anything the library can do to solve this 🤔
daver77
We've noticed lots of OIDC errors on our websites since adding stricter CSP headers
At first I thought how can NetEscapades have anything to do with this, then I found this post suggesting that too many CSP's can cause issues https://stackoverflow.com/questions/73560959/getting-502-bad-gateway-in-post-applicatonurl-signin-oidc-after-apply-nwebsec-c
Has anyone else come across this issue?