Bug Report from evilvillain #2021-0-26_17-51-57

OS info

Nodejs
Heroku
Postgres

Problem description

Receiving ERR_HTTP_HEADERS_SENT when trying to use security restrict with nodejs on Heroku. The process works fine locally. If I comment out the server connect trying to apply the security restrict, it works fine in Heroku as well but obviously doesn’t restrict access.

I saw a similar post from Nov. 2020 and the resolution was an updated lib/auth/provider.js. I downloaded the version from the post and it appears to be the same version as is in the 3.7.2 distribution.

node:internal/process/promises:227
    2021-01-26T23:49:40.417651+00:00 app[web.1]: triggerUncaughtException(err, true /* fromPromise */);
    2021-01-26T23:49:40.417652+00:00 app[web.1]: ^
    2021-01-26T23:49:40.417653+00:00 app[web.1]: 
    2021-01-26T23:49:40.417653+00:00 app[web.1]: Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
    2021-01-26T23:49:40.417654+00:00 app[web.1]: at new NodeError (node:internal/errors:329:5)
    2021-01-26T23:49:40.417654+00:00 app[web.1]: at ServerResponse.setHeader (node:_http_outgoing:572:11)
    2021-01-26T23:49:40.417655+00:00 app[web.1]: at ServerResponse.header (/app/node_modules/express/lib/response.js:771:10)
    2021-01-26T23:49:40.417655+00:00 app[web.1]: at ServerResponse.append (/app/node_modules/express/lib/response.js:732:15)
    2021-01-26T23:49:40.417655+00:00 app[web.1]: at ServerResponse.res.cookie (/app/node_modules/express/lib/response.js:857:8)
    2021-01-26T23:49:40.417656+00:00 app[web.1]: at App.setCookie (/app/lib/core/app.js:104:18)
    2021-01-26T23:49:40.417656+00:00 app[web.1]: at DatabaseProvider.login (/app/lib/auth/provider.js:57:26)
    2021-01-26T23:49:40.417657+00:00 app[web.1]: at processTicksAndRejections (node:internal/process/task_queues:94:5) {
    2021-01-26T23:49:40.417657+00:00 app[web.1]: code: 'ERR_HTTP_HEADERS_SENT'
    2021-01-26T23:49:40.417658+00:00 app[web.1]: }

Steps to reproduce

  1. Add server connect to page
  2. Select appropriate security restrict server connect api
  3. Deploy to Heroku
  4. Access respective page
Community Page
Last updated: