On Thu, 2011-06-16 at 17:46 +0200, Sorin Manolache wrote: > Hello, > > I have a content generator that sets a cookie on a domain. I know the > cookie name and the domain name, they never change. However the cookie > value and expiration time vary. I would like to add the cookie with > same name and value, and optionally the same expiration time to a > second domain. Is there a way to do it just by configuring apache and > its standard modules? I do not want to _edit_ the Set-Cookie header. I > want to _add_ a second Set-Cookie header that is identical to the > first with the exception of the domain. > > Here's an example: > > The content generator gives the response > > Set-Cookie: cookie_name=cookie_value; domain=host.domain.net; > expires=Mon, 20 Jun 2011 10:00:00 GMT > > I want the response > > Set-Cookie: cookie_name=cookie_value; domain=host.domain.net; > expires=Mon, 20 Jun 2011 10:00:00 GMT > Set-Cookie: cookie_name=cookie_value; domain=.domain.net; expires=Mon, > 20 Jun 2011 10:00:00 GMT > > Can I get this response just by changing the configuration of apache? > > "Header edit cookie_name(.*)domain=[^;]+(.*) > cookie_name$1domain=.domain.net$2" does not help as it only moves the > cookie from one domain to the other and I want it copied, not moved.
That is really how it should be. A second header of the same name isn't really allowed in the specification. I realize that some CGI tools successfully add it in, and browsers do try to handle multiples, but it isn't supposed to happen. Two viable options : Print one header with a 302 in order to force the browser to make a second request that we can get the other cookie into. Respond with javascript that sets the cookie for the second domain. Joe -- Director - Systems Administration http://www.silverhawk.net/