How can I make nginx return 431 instead of 400 for Request Header Or Cookie Too Large?

Question

I've got a default nginx config (I don't explicitly return 400 for any scenario):

http {
    ...
    
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    ...

    include /etc/nginx/conf.d/*.conf;
}

and it returns

<html>
<head><title>400 Request Header Or Cookie Too Large</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>Request Header Or Cookie Too Large</center>
<hr><center>nginx</center>
</body>
</html>
* Closing connection 0

which is OK.

However I'd like to alter nginx config to return 431 instead of 400 for that kind of error, what's the easiest way to do it?

I tried looking at the following questions:

• nginx 431 Request Header Fields Too Large
• 400 Bad Request Request Header Or Cookie Too Large nginx
• nginx 431 Request Header Fields Too Large

but they're more about fixing the error instead of returning a different status code.

The alternative solution could be to bump the limit:

server {
    # ...
    large_client_header_buffers 4 32k;
    # ...
}

by following https://stackoverflow.com/a/19285146/17109505.

I also found a config that do map $status $status_text { under http block:

map $status $status_text {
...
        431 'Request Header Fields Too Large';
...
    }

will it be able to fix that?

Answer 1

You don't show anything from your real server config except the include /etc/nginx/conf.d/*.conf; so I can only guess what is it really contains. You can try to use error_page directive the following way:

error_page 400 =431 /431.html;

Create and put somewhere (for example, to the /usr/share/nginx/html folder) the following HTML file (again, you can put anything inside that file, this is just an example):

<html>
<head><title>431 Request Header Or Cookie Too Large</title></head>
<body>
<center><h1>431 Bad Request</h1></center>
<center>Request Header Or Cookie Too Large</center>
<hr><center>nginx</center>
</body>
</html>

This custom error page should't have any external assets (i.e. scripts, styles, images etc.) references (however you are ok to use any inline styles, scripts, or even BASE64-encoded images).

Now use the following location at your server block:

location = /431.html {
    internal;
    root /usr/share/nginx/html;
}

I also found a config that do map $status $status_text { ... } under http block:

map $status $status_text {
    ...
    431 'Request Header Fields Too Large';
    ...
}

will it be able to fix that?

What an interesting solution! It uses an internal nginx variable $status to get the error message from the response status code and then use those $status and $status_text variables via Server Side Includes in the universal error.html error page. I see such a technique the first time, very nice approach. However I'm not sure it will be usefull for your particular case. If you'd want to use a similar universal error page, you will need at least two error_page directives:

error_page 400 =431 /error.html;        # change response status code from 400 to 431
error_page 401 402 403 ... /error.html; # left other response status codes unchanged