Invalid character in header content ["Location"]

rebeccapeltz · May 26, 2020, 5:23am

I’m getting this error message in the browser (500) when I click on logout.
Deployed on vercel: https://next-auth-app-1.now.sh/

Invalid character in header content ["Location"]

Here’s my code: https://github.com/rebeccapeltz/next-auth-app-1/blob/master/pages/api/logout.js
Any help appreciated.
Becky

john.gateley · May 26, 2020, 2:41pm

Hi Becky,

Could you capture a HAR file, or post the exact Location header?

Thanks

John

rebeccapeltz · May 26, 2020, 6:01pm

next-auth-app-1.now.sh.har (1.1 MB)

I’ve uploaded from a recent session.

Becky

john.gateley · May 26, 2020, 6:44pm

The HAR file helped a little with the context, but I don’t see a reason. Can you check the tenant logs? Is there a corresponding error there?

John

rebeccapeltz · May 26, 2020, 7:03pm

[GET] /api/logout
11:54:03:19
2020-05-26T18:54:03.855Z 2a200611-cd1a-4241-ac04-034baa783aca ERROR TypeError [ERR_INVALID_CHAR]: Invalid character in header content [“Location”]
at ServerResponse.setHeader (_http_outgoing.js:529:3)
at ServerResponse.writeHead (_http_server.js:273:21)
at Object. (/var/task/node_modules/@auth0/nextjs-auth0/dist/handlers/logout.js:30:13)
at Generator.next ()
at /var/task/node_modules/tslib/tslib.js:115:75
at new Promise ()
at Object.__awaiter (/var/task/node_modules/tslib/tslib.js:111:16)
at Object.handleLogout (/var/task/node_modules/@auth0/nextjs-auth0/dist/handlers/logout.js:11:34)
at logout (/var/task/.next/serverless/pages/api/logout.js:174:70)
at apiResolver (/var/task/node_modules/next/dist/next-server/server/api-utils.js:6:7) {
code: ‘ERR_INVALID_CHAR’
}

When I look at the headers in req, res in network tab, I don’t see a Location. The only real mention of Location in the code is in the ssr-profile.js page which sets a 302.

if (!session || !session.user) {
    res.writeHead(302, {
      Location: '/api/login',
    })
    res.end()
    return
  }

I think it’s possible I entered something incorrect in configuring auth0, but I’m sure what.
For allowed logout urls, I have this: http://localhost:3000/,
https://next-auth-app-1.now.sh/
For application login I have this: https://next-auth-app-1.now.sh/api/callback/login
Do these look like the correct values?

rebeccapeltz · May 28, 2020, 2:30am

I’m still experiencing this problem even though I’ve verified my config is good. Does anyone know how to troubleshoot the creation of response headers after logout is complete. The logout successfully removes cookies from the browser. I can’t figure out what is in the Location header that is causing the problem.

karen1 · June 5, 2020, 2:18pm

This has been resolved. Rebecca did so by removing all env variables added to the Vercel online application settings. Then, adding the secrets using the now CLI now secrets add and deploying the app by setting up other env variables in now.json and using now --prod .

konrad.sopala · June 8, 2020, 9:42am

Perfect! Thanks for the headsup Karen!

system · June 23, 2020, 9:42am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Nextjs-auth0 sometimes throws a TypeError at NodeCookies.getSetCookieHeader when idle Help management-api , users	2	1576	April 18, 2023
Logout always causes CORS error Help login-experience , new-universal-login-experience	3	240	August 12, 2024
New to Auth0 - Allowed URL Logout not working in my next.js app Help configuration , application	2	2136	January 4, 2024
Laravel 5.8 Integration Invalid State on callback Help jwt , auth0 , login	5	3561	July 30, 2019
Invalid Security Token in NextJS app Help nextjs-auth0 , sdks-quickstarts	3	741	October 18, 2023

Invalid character in header content ["Location"]

Related topics