Solved

Why would my HTTP Header packets be much larger for my remote users?

Posted on 2010-11-15
4
619 Views
Last Modified: 2012-08-14
Greetings,

I manage a Documentum based java application that appears to be making much larger Cookie data in the HTTP headers for some users.  Specifically users overseas that have
Accept-Language: en-us,es;q=0.5

Open in new window

set in IE 6 / Windows.  I think there may be an application firewall or client configuration that causes much larger HTTP packets for these users than local LAN users.

Of specific note is the Cookie data in the packets.  The en, es users in Puerto Rico seem to have much more data in the Cookie portion of the packet , which is making more packets, and contributing to latency.

Here's the cookie portion for a US Mainland user followed by a user in PR:

US:
Cookie: d6_wdk_pref0=eJxTMTS3TUvMKU61UVQxNLYFkibGtiVFqXkplUC2gTlIxNAUocQMzjSytLUyNLGw1Ckoyk9JTM/MB0kb2iLxDAxtkxOLE1OKDYEcUxPb0GB959S8kqLEHBtFANdJIkg.; JSESSIONID=463757EA5A4B0117BC527B457455AEB8; wdk_sess_cookie_0=eJxTMTGzzSvNydEDETaKKiYWtsUlRamJuTmZeakgvrmtiZmxuam5q6Opo4mTgaGhuZOzqZG5k4mpuYmpqaOrkwVQlYGhbXJicWJKsSFIi6WtjSIAUnIXXA..; appname=prodagio_ap; lockFresh=free; allFreshClient=%%cookieTS__client1##1288713288412%%__dmfFreshClient__client1##stale%%__dmfFreshForm__client1##1288713288411

Open in new window


For a PR user:
Cookie: d6_wdk_pref0=eJyNkU1uwjAQhc+ClCVq7QRIqPCCig0bFnAA5NiTyKr/ajuo6elr0oQ2UNpurJnn8RvPN3iR5zizzjDw3hnuhE9RSf0LhCPnkqACpUWV4gLhZV5WxWqSzDISHGjexhjlZDXBnYeD1wZ8MG5wsbSGoxfvQtedFUZD6VU7ZmSj9NGDBBaE0eQQaGj8VNIS5IPQJyMYPHd/6jV4Y2DPpXug3uheZUYp0GF4qAwXVbuhAcZOt8quUSW4sbZWptFDP2tGJac4vXFbPkp3VF3ZHpoytBYuHvuBUK+4q7yiTEgR2lEvK2n8xroD4yPxdEme8KxYTiNETmth7kD9iX6CMBnuYzafkbUCJxh93EBwRoQo4jxut4G7W/3XskbwfoH8bRU327oPuYfxN7XP2NtabjWPY8YxzhNm5HzO+zkTvLhEmHxRTdKMMEm9F2w1+QBcLSDv; JSESSIONID=3C11293391614CC4605AFCAFAA0FE464; wdk_sess_cookie_0=eJxTMTGzzSvNydEDETaKKiYWtsk5icXFmckgjrmtsbOhoZGlsbGloZmhibOziZmBqaObs6Obo6OBm6uJmQlQlYGhbVF+SlFmsZEBSI+lrY0iAACHFnA.; appname=prodagio_ap; timeoutHandler3C11293391614CC4605AFCAFAA0FE464=1288715029743; lockFresh=free; allFreshClient=%%cookieTS__client2##1288714924368%%__dmfFreshClient__client2##stale%%__dmfFreshForm__client2##1288714924367

Open in new window


0
Comment
Question by:eggm4n
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
Comment Utility
What is the cookie d6_wdk_pref0?

Just taking a wild guess it has something to do with user preferences.  Which if that is what it means, just means that the remote user has difference preferences specified.

I also noticed that PR user has a cookie that appears to be sometype of session timeout tracker/handler:

     timeoutHandler3C11293391614CC4605AFCAFAA0FE464

Also not sure if the PR user had had multiple sessions, but it also has cookes that refer to client2 vs. the US's session that has client1.

Is there client side code for this application?  If so the client1 vs. client2 could be the version of the client code and since PR has client2 this user may have new client code that has different preferences which makes the preference cookie larger and could have code to handle timeouts.
0
 
LVL 4

Author Comment

by:eggm4n
Comment Utility
This is great feedback.  I'm taking this to my dev team today.  So far I've confirmed that there was a recent upgrade and some client code may be old, and that d6_wdk_pref0 is indeed a user preference string.

My other question would now be, is this typical of a web application to have all of this cookie data in every HTTP Header GET?
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Cookies must be returned with every request from the browser.  This is how the server identifies each unique browser session.  Is not the application that does this, its the browser.  

Otherwise the server would not be able to tell the difference from my request and your request.
0
 
LVL 4

Author Closing Comment

by:eggm4n
Comment Utility
Thanks for the advice!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now