DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18230>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18230 RequestHeader add/append Cookie uses comma instead of semi-colon Summary: RequestHeader add/append Cookie uses comma instead of semi-colon Product: Apache httpd-2.0 Version: 2.0.44 Platform: Sun OS/Version: Solaris Status: NEW Severity: Normal Priority: Other Component: mod_headers AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] The following directive: RequestHeader append Cookie [EMAIL PROTECTED]:time:hash Adds the [EMAIL PROTECTED]:time:hash cookie to the request, but it adds it using a comma as a separator instead of a semi-colon. I've also tried "add". I am using this with a ProxyPass directive to proxy a cookie-protected resource. "set" works, only the JSESSIONID cookie gets overwritten, which breaks session handling. When Weblogic gets the request from the proxy, it has a problem with the comma in the Cookie: header (from wl log): "Got bad cookie header: in cookie 'JSESSIONID=27LOkjeKfPdPrH9bvjHka08ny4uBTkn0cCCJizzb1Y1iuYjUie3r!- 1118611395, [EMAIL PROTECTED]:1056035770:hash' character ',' at position 75 is illegal " This is from javax.http.servlet.HttpServletRequest.getCookies() (implemented by Weblogic). The spec says that semi-colon is the separator, but that servers should accept commas. I am opening a bug with Weblogic, but it seems to me that Apache HTTPD should follow the spec as close as possible. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
