Next-auth session cookies cause RequestHeaderSectionTooLarge when getting static assets

[jacobgill1]

Is there an existing issue for this?

• [X] I have searched the existing Issues

Current Behavior

When using next-auth with access tokens and refresh tokens to secure my site, I receive a RequestHeaderSectionTooLarge error when retrieving static assets. This is due to the maximum size being 8192 on S3 buckets (see https://github.com/aws-amplify/amplify-hosting/issues/2558).

Expected Behavior

Amazon S3 doesn't process cookies see docs here.

I think the cookie_behavior option in the cloudfront cache policy should be changed to "none" in the locals.tf

Steps To Reproduce

Use next-auth with a large session cookie

Output

No response

Code of Conduct

• [X] I agree to follow this project's Code of Conduct

Sensitive Information Declaration

• [X] I confirm that neither PII/PID nor sensitive data are included in this form

[debu99]

will this cause this issue when send to lambda function url?