Has anybody looked at this simple change?
Any concerns?
Here is the text of the bug report: ---------
RFC 2109 -- HTTP State Management, e.g. cookies -- does not specify whether
cookies should be returned on requests with HTTP status codes other than 200. However, the earlier Netscape cookie specification did state that cookies should
be returned on other status codes, specifically 304 (Not modified).
Returning cookies during a 304 or 302 (Redirect) is very useful for authorization / access-management products.
Can you please enable the Set-Cookie header during a 304?
Code to change is line 1675 of /modules/http/http_protocol.c.
Thanks! -------
+1 on returning a cookie header on a 304.
Bill
