On Wed, Jun 29, 2016 at 10:27 AM, Yann Ylavic <[email protected]> wrote: > On Wed, Jun 29, 2016 at 9:33 AM, Plüm, Rüdiger, Vodafone Group > <[email protected]> wrote: [..] >>> We've observed multiple gateways, operated by e.g. AT&T, COLT and >>> Vodafone, that inject additional Cookie: headers into client requests, >>> such as >>> >>> Cookie: actually=from_the_client >>> Cookie: Bearer-Type=w-TCP >>> Cookie: network-access-type=UMTS
>> How about >> >> RequestHeader edit* Cookie ", " "; " > > Or possibly something more generic (quoting, escaping...), but less readable > :p > > RequestHeader edit* Cookie > ([^=;,]++)(="(?:[^\\\\"]\\\\.)*+[^"]*+"|[^;,]*)?+[;,] $1$2; early > > (with or without the "early" flag) > > Regards, > Yann. I have to admit that I'd never have thought of using mod_headers. Both solutions work as expected, but Yann's solution looks somewhat more robust to me, so I think I'll go with that. thanks, rainer
