The new cookie setting feature of mod_rewrite adds the Set-Cookie header
to r->headers_out. Shouldn't this be r->err_headers_out instead?
The error headers are always present whereas the the normal headers do not
appear under error conditions. In applications where I have an apache
module setting cookies, I have always found that setting err_headers_out
gives me the complete coverage that I want.
Thoughts?
-adam
Attached is a patch to set err_headers_out instead:
Index: mod_rewrite.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/mappers/mod_rewrite.c,v
retrieving revision 1.124
diff -u -r1.124 mod_rewrite.c
--- mod_rewrite.c 10 Jul 2002 06:01:10 -0000 1.124
+++ mod_rewrite.c 16 Jul 2002 17:15:33 -0000
@@ -4162,12 +4162,7 @@
: NULL,
NULL);
-
- /*
- * XXX: should we add it to err_headers_out as well ?
- * if we do we need to be careful that only ONE gets sent out
- */
- apr_table_add(r->headers_out, "Set-Cookie", cookie);
+ apr_table_add(r->err_headers_out, "Set-Cookie", cookie);
rewritelog(r, 5, "setting cookie '%s' to '%s'", var, val);
}
}
