Hello,
When the Stratos ELB is proxying third party applications - some of these applications send several Set-Cookie headers in one response. RFC2109 states: An origin server may include multiple Set-Cookie headers in a response. Note that an intervening gateway could fold multiple such headers into a single header. Which means we should be able to fold multiple cookies into one Set-Cookie. However this specification is obsolete and the more up-to-date version (RFC6265) states: Origin servers SHOULD NOT fold multiple Set-Cookie header fields into a single header field. The usual mechanism for folding HTTP headers fields (i.e., as defined in [RFC2616 <http://tools.ietf.org/html/rfc2616>]) might change the semantics of the Set-Cookie header field because the %x2C (",") character is used by Set-Cookie in a way that conflicts with such folding. I suspect this to be the issue when proxying Wordpress via the ELB - Multiple Set-Cookies are ignored by the current Synapse implementation. I tried, making the synapse implementation fold multiple cookies (as per the older RFC2109) using "," but it didn't do anything different. Did the wordpress login work in previous versions? Also I have been implementing https://wso2.org/jira/browse/ESBJAVA-1659 for the passthru transport - but if I understand correctly this only solves the issue of a header having multiple values and not multiple headers by the same name? Thanks, Ravi
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
