I recently patched bug 10722. My patch was against 2.0.49, for a Client who needed it in a hurry.
I'm just porting it to 2.1-HEAD. In doing so, I find there's an existing patch that saves and restores cookies without rewriting the Domain and Path components. AFAICS my patch would/should supersede that one. But I'm reluctant to do so without understanding the purpose of the other patch. The other patch is at http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/proxy/proxy_http.c?r1=1.184&r2=1.185 It appears just to merge Set-Cookie headers in r->err_headers_out with those in r->headers_out. The latter have just come from the backend (the server proxied). But how/why should there be (any) cookies in r->err_headers_out at this point? Presumably they'd be from the proxy rather than the backend? And why merge them into a normal 2xx response? -- Nick Kew
