Sveltekit demo project deployed to Heroku gives HTTP 416, when using Linkedin Post Inspector

[alexbjorlig]

Describe the bug

Prerendered pages deployed to Heroku with the @sveltejs/adapter-node gives 416 error:

Reproduction

To reproduce this issue, I created this repo.

it's deployed to this Heroku app.

Try to use the LinkedIn post inspector for the about pre-rendered route, and you get the HTTP 416 error.

Logs

The heroku app just give the following logs: 

2023-03-28T19:12:10.014096+00:00 heroku[router]: at=info method=GET path="/about" host=linkedin-test.herokuapp.com request_id=14a69318-d80d-43f7-993d-e05739f7554b fwd="108.174.5.113" dyno=web.1 connect=0ms service=1ms status=416 bytes=165 protocol=https

### System Info

```Shell
System:
    OS: macOS 13.2.1
    CPU: (10) arm64 Apple M1 Max
    Memory: 22.07 GB / 64.00 GB
    Shell: 5.8.1 - /bin/zsh
  Binaries:
    Node: 16.17.0 - ~/.nvm/versions/node/v16.17.0/bin/node
    npm: 9.4.2 - ~/.nvm/versions/node/v16.17.0/bin/npm
  Browsers:
    Chrome: 111.0.5563.146
    Safari: 16.3
  npmPackages:
    @sveltejs/adapter-node: ^1.2.3 => 1.2.3 
    @sveltejs/kit: ^1.5.0 => 1.14.0 
    svelte: ^3.54.0 => 3.57.0 
    vite: ^4.2.0 => 4.2.1

Severity

blocking an upgrade

Additional Information

No response

[Conduitry]

Does it work for non-pre-rendered routes? Could you log from one of them what exactly the incoming request from LinkedIn looks like? The 416 makes me think they are sending some wacky Range headers that the static file server we're using doesn't like.

[alexbjorlig]

Does it work for non-pre-rendered routes? Could you log from one of them what exactly the incoming request from LinkedIn looks like? The 416 makes me think they are sending some wacky Range headers that the static file server we're using doesn't like.

Yes, it works for non-pre-rendered routes. You can check here.

The post inspector shows the following headers:

2023-03-28T19:52:16.727582+00:00 app[web.1]: url https://linkedin-test.herokuapp.com/sverdle
2023-03-28T19:52:16.727627+00:00 app[web.1]: requestMethod GET
2023-03-28T19:52:16.729398+00:00 app[web.1]: Map(29) {
2023-03-28T19:52:16.729398+00:00 app[web.1]:   'accept' => '*/*',
2023-03-28T19:52:16.729398+00:00 app[web.1]:   'accept-encoding' => 'gzip,deflate',
2023-03-28T19:52:16.729400+00:00 app[web.1]:   'connect-time' => '0',
2023-03-28T19:52:16.729400+00:00 app[web.1]:   'connection' => 'close',
2023-03-28T19:52:16.729406+00:00 app[web.1]:   'cookie' => 'HandLtestDomainNameServer=HandLtestDomainValueServer; first_utm_campaign=ALL_event_jpo; first_utm_content=2023_jan; first_utm_medium=smo; first_utm_source=linkedin; handl_ip=108.174.5.112; handl_landing_page=https%3A%2F%2Fecole-ipssi.com%2Fevents%2Fjournee-portes-ouvertes%2F%3Futm_source%3Dlinkedin%26utm_medium%3Dsmo%26utm_campaign%3DALL_event_jpo%26utm_content%3D2023_jan; handl_url=https%3A%2F%2Fecole-ipssi.com%2Fevents%2Fjournee-portes-ouvertes%2F%3Futm_source%3Dlinkedin%26utm_medium%3Dsmo%26utm_campaign%3DALL_event_jpo%26utm_content%3D2023_jan; handl_url_base=https%3A%2F%2Fecole-ipssi.com%2Fevents%2Fjournee-portes-ouvertes%2F; user_agent=LinkedInBot%2F1.0%20%28compatible%3B%20Mozilla%2F5.0%3B%20Apache-HttpClient%20%2Bhttp%3A%2F%2Fwww.linkedin.com%29; utm_campaign=ALL_event_jpo; utm_content=2023_jan; utm_medium=smo; utm_source=linkedin',
2023-03-28T19:52:16.729406+00:00 app[web.1]:   'host' => 'linkedin-test.herokuapp.com',
2023-03-28T19:52:16.729406+00:00 app[web.1]:   'range' => 'bytes=0-3145727',
2023-03-28T19:52:16.729406+00:00 app[web.1]:   'service-name' => 'babylonia-ingestion',
2023-03-28T19:52:16.729406+00:00 app[web.1]:   'total-route-time' => '0',
2023-03-28T19:52:16.729407+00:00 app[web.1]:   'user-agent' => 'LinkedInBot/1.0 (compatible; Mozilla/5.0; Apache-HttpClient +http://www.linkedin.com)',
2023-03-28T19:52:16.729408+00:00 app[web.1]:   'via' => '1.1 vegur',
2023-03-28T19:52:16.729408+00:00 app[web.1]:   'x-forwarded-for' => '108.174.5.113',
2023-03-28T19:52:16.729408+00:00 app[web.1]:   'x-forwarded-port' => '443',
2023-03-28T19:52:16.729408+00:00 app[web.1]:   'x-forwarded-proto' => 'https',
2023-03-28T19:52:16.729410+00:00 app[web.1]:   'x-li-calltree-request-id' => 'AAAAAAAAAAAAAAAAAAAAAA==',
2023-03-28T19:52:16.729411+00:00 app[web.1]:   'x-li-r2-w-ic-1' => 'user-request-host=www.linkedin.com,countrycode=dk,MultiColoGenerationKey=%7B%22userGeneration%22%3A+1168%7D,serviceCallTraceData=%7B%22version%22%3A5%2C%22treeId%22%3A%22AAX3%2BzIVpvj2SZromrnX3w%3D%3D%22%2C%22rqId%22%3A-551046700%2C%22caller%22%3A%7B%22env%22%3A%22prod-ltx1%22%2C%22container%22%3A%22babylonia-ingestion%22%2C%22service%22%3A%22babylonia-ingestion%22%2C%22version%22%3A%2234.0.71%22%2C%22machine%22%3A%22ltx1-app34500%22%2C%22physical%22%3A%22ltx1-app34500.prod.linkedin.com%22%2C%22instance%22%3A%22i001%22%2C%22slice%22%3A%22a0819f96-c05e-4a87-af46-002b39925c71%22%2C%22sliceInstance%22%3A%22czaq%22%7D%2C%22taskId%22%3A9%2C%22scale%22%3A0.20000000298023224%2C%22enabled%22%3Afalse%2C%22context%22%3A%7B%7D%7D,com.linkedin.container.dsc_fe_enabled=true,com.linkedin.container.rpc.trace.rpcTrace=%28ltx1-app85786.prod.linkedin.com%2Cl1proxy%2Cpost-inspector-api%2FpostInspector%2Fhttps%253A%252F%252Flinkedin-test.herokuapp.com%252Fsverdle%2CAAX3%2BzIVpvj2SZromrnX3w%3D%3D%2C2023%2F03%2F28+19%3A52%3A12.685%29%5Bltx1-app105061%2Csharing-debugger-api-frontend%2C%2FpostInspector%2Fhttps%253A%252F%252Flinkedin-test.herokuapp.com%252Fsverdle+GET%5D%5Bltx1-app34500%2Cbabylonia-ingestion%2C%2FcontentIngestionTasks%2F+PUT%5D,traffic-tiering=bucket%3A54%2Ctier%3A10000%2Cl1Tier%3A10000,mik=AwEFa2V2AOA5lgAAAYcnVHseAAABh0tg_x5WAFmrL2pNKv_G3BpQsSumkeu0D3MqTzKYO2bVTejAV-CBSMvteqflIrqgsLh4veDBobekD_NKe3eeVq6jfRvWxhg%3D,applicationFailout=%7B%22routingType%22%3A%22ROUTE_AWAY%22%2C%22fabric%22%3A%22prod-ltx1%22%2C%22partition%22%3A%22MAIN%22%2C%22index%22%3A6%7D',
2023-03-28T19:52:16.729412+00:00 app[web.1]:   'x-li-r2-w-ic-1-applicationfailout' => '{"routingType":"ROUTE_AWAY","fabric":"prod-ltx1","partition":"MAIN","index":6}',
2023-03-28T19:52:16.729413+00:00 app[web.1]:   'x-li-r2-w-ic-1-com.linkedin.container.dsc_fe_enabled' => 'true',
2023-03-28T19:52:16.729414+00:00 app[web.1]:   'x-li-r2-w-ic-1-com.linkedin.container.rpc.trace.rpctrace' => '(ltx1-app85786.prod.linkedin.com,l1proxy,post-inspector-api/postInspector/https%3A%2F%2Flinkedin-test.herokuapp.com%2Fsverdle,AAX3+zIVpvj2SZromrnX3w==,2023/03/28 19:52:12.685)[ltx1-app105061,sharing-debugger-api-frontend,/postInspector/https%3A%2F%2Flinkedin-test.herokuapp.com%2Fsverdle GET][ltx1-app34500,babylonia-ingestion,/contentIngestionTasks/ PUT]',
2023-03-28T19:52:16.729414+00:00 app[web.1]:   'x-li-r2-w-ic-1-countrycode' => 'dk',
2023-03-28T19:52:16.729415+00:00 app[web.1]:   'x-li-r2-w-ic-1-mik' => 'AwEFa2V2AOA5lgAAAYcnVHseAAABh0tg_x5WAFmrL2pNKv_G3BpQsSumkeu0D3MqTzKYO2bVTejAV-CBSMvteqflIrqgsLh4veDBobekD_NKe3eeVq6jfRvWxhg=',
2023-03-28T19:52:16.729415+00:00 app[web.1]:   'x-li-r2-w-ic-1-multicologenerationkey' => '{"userGeneration": 1168}',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-li-r2-w-ic-1-servicecalltracedata' => '{"version":5,"treeId":"AAX3+zIVpvj2SZromrnX3w==","rqId":-551046700,"caller":{"env":"prod-ltx1","container":"babylonia-ingestion","service":"babylonia-ingestion","version":"34.0.71","machine":"ltx1-app34500","physical":"ltx1-app34500.prod.linkedin.com","instance":"i001","slice":"a0819f96-c05e-4a87-af46-002b39925c71","sliceInstance":"czaq"},"taskId":9,"scale":0.20000000298023224,"enabled":false,"context":{}}',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-li-r2-w-ic-1-traffic-tiering' => 'bucket:54,tier:10000,l1Tier:10000',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-li-r2-w-ic-1-user-request-host' => 'www.linkedin.com',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-li-r2-w-ic-2' => 'com.linkedin.container.dsc=1',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-li-r2-w-ic-2-com.linkedin.container.dsc' => '1',
2023-03-28T19:52:16.729418+00:00 app[web.1]:   'x-request-id' => 'c3888fe4-0031-4820-830c-3be60a0ad2fc',
2023-03-28T19:52:16.729419+00:00 app[web.1]:   'x-request-start' => '1680033136708'
2023-03-28T19:52:16.729419+00:00 app[web.1]: }

Must be the range header giving issues @Conduitry

[alexbjorlig]

Is it possible to maybe give this issue some attention/high priority?

Just to clarify: Sveltekit just doesn't support link previews by Linkedin on pre-rendered pages 😱

[alexbjorlig]

Would it be too much to ask, if we can throw in a bug label and some priority label @dummdidumm? Did spend a lot of time making sure this was something that could be reproduced, and I'm keeping the Heroku app running until we have a fix.

[benmccann]

@alexbjorlig thanks for the investigation. It seems unlikely this bug is in SvelteKit itself, but more likely it's in one of the libraries we use like sirv or polka. It would be great if you could figure out which one and then file a bug with them. Otherwise I'm afraid they'll remain unaware and this will go unfixed.

An idea for figuring out whether it's sirv or polka - swap one of the libraries out with a different implementation. These adhere to the common Node middleware interfaces, so you could swap polka for express and see if it still happens. Since sirv and polka are written by the same author, it's possible you could file the bug without knowing which library was causing it, but I'm guessing that it would expedite things a fair amount if you're able to narrow it down.

Actually, now that I think about it, since it only happens with prerendered pages, probably it's sirv and not polka. If it occurs with vite dev or vite preview then that would also confirm it's sirv because those commands use sirv, but not polka

[gtm-nayan]

According to this, it sounds like a 416 should only be returned if the start is out of bounds and the server should return the available overlap with the requested range even if the end is out of bounds. Whereas sirv returns a 416 if either ends of the requested range are out of bounds.

There is an issue and PR open in sirv for this: lukeed/sirv#140

[alexbjorlig]

Actually, now that I think about it, since it only happens with prerendered pages, probably it's sirv and not polka. If it occurs with vite dev or vite preview then that would also confirm it's sirv because those commands use sirv, but not polka

Did you mean to write?

...since it only happens with prerendered pages, probably it's polka and not sirv

[benmccann]

Did you mean to write? ...since it only happens with prerendered pages, probably it's polka and not sirv

No. Prerendered pages are static. sirv is only used with static pages (i.e. prerendered pages). polka is used with all pages including dynamic pages

[alexbjorlig]

Ok - I'm sorry I don't completely understand it then. I hope we have a fix quickly - currently, the node-adapter does not support building a project with pre-rendering and linking to it on Linkedin 😱

[benmccann]

this has been fixed in sirv. you can update your project to sirv 2.0.3 and it should be fixed

[Conduitry]

@benmccann sirv is a dev dependency of adapter-node. It's bundled into the handler.js that's part of the runtime code for adapted apps. (https://unpkg.com/@sveltejs/adapter-node@1.2.3/files/handler.js) This isn't something consumer can upgrade. We need to upgrade this on our end and release a new version of the adapter.