Invalid character in header content ["Location"]

I’m getting this error message in the browser (500) when I click on logout.
Deployed on vercel: https://next-auth-app-1.now.sh/

Invalid character in header content ["Location"]

Here’s my code: https://github.com/rebeccapeltz/next-auth-app-1/blob/master/pages/api/logout.js
Any help appreciated.
Becky

Hi Becky,

Could you capture a HAR file, or post the exact Location header?

Thanks

John

next-auth-app-1.now.sh.har (1.1 MB)

I’ve uploaded from a recent session.

Becky

The HAR file helped a little with the context, but I don’t see a reason. Can you check the tenant logs? Is there a corresponding error there?

John

[GET] /api/logout
11:54:03:19
2020-05-26T18:54:03.855Z 2a200611-cd1a-4241-ac04-034baa783aca ERROR TypeError [ERR_INVALID_CHAR]: Invalid character in header content [“Location”]
at ServerResponse.setHeader (_http_outgoing.js:529:3)
at ServerResponse.writeHead (_http_server.js:273:21)
at Object. (/var/task/node_modules/@auth0/nextjs-auth0/dist/handlers/logout.js:30:13)
at Generator.next ()
at /var/task/node_modules/tslib/tslib.js:115:75
at new Promise ()
at Object.__awaiter (/var/task/node_modules/tslib/tslib.js:111:16)
at Object.handleLogout (/var/task/node_modules/@auth0/nextjs-auth0/dist/handlers/logout.js:11:34)
at logout (/var/task/.next/serverless/pages/api/logout.js:174:70)
at apiResolver (/var/task/node_modules/next/dist/next-server/server/api-utils.js:6:7) {
code: ‘ERR_INVALID_CHAR’
}

When I look at the headers in req, res in network tab, I don’t see a Location. The only real mention of Location in the code is in the ssr-profile.js page which sets a 302.

if (!session || !session.user) {
    res.writeHead(302, {
      Location: '/api/login',
    })
    res.end()
    return
  }

I think it’s possible I entered something incorrect in configuring auth0, but I’m sure what.
For allowed logout urls, I have this: http://localhost:3000/,
https://next-auth-app-1.now.sh/
For application login I have this: https://next-auth-app-1.now.sh/api/callback/login
Do these look like the correct values?

I’m still experiencing this problem even though I’ve verified my config is good. Does anyone know how to troubleshoot the creation of response headers after logout is complete. The logout successfully removes cookies from the browser. I can’t figure out what is in the Location header that is causing the problem.

This has been resolved. Rebecca did so by removing all env variables added to the Vercel online application settings. Then, adding the secrets using the now CLI now secrets add and deploying the app by setting up other env variables in now.json and using now --prod .

1 Like

Perfect! Thanks for the headsup Karen!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.