On Mar 6, 2013 9:15 PM, "Ravi Undupitiya" <[email protected]> wrote: > > Hello, > > > > When the Stratos ELB is proxying third party applications - some of these applications send several Set-Cookie headers in one response. > > RFC2109 states: > > An origin server may include multiple Set-Cookie headers in a > response. Note that an intervening gateway could fold multiple such > headers into a single header. > > > Which means we should be able to fold multiple cookies into one Set-Cookie. However this specification is obsolete and the more up-to-date version (RFC6265) states: > > > Origin servers SHOULD NOT fold multiple Set-Cookie header fields into > a single header field. The usual mechanism for folding HTTP headers > fields (i.e., as defined in [RFC2616]) might change the semantics of > the Set-Cookie header field because the %x2C (",") character is used > by Set-Cookie in a way that conflicts with such folding. > > > > I suspect this to be the issue when proxying Wordpress via the ELB - Multiple Set-Cookies are ignored by the current Synapse implementation. > > I tried, making the synapse implementation fold multiple cookies (as per the older RFC2109) using "," but it didn't do anything different. > > > Did the wordpress login work in previous versions? > > Also I have been implementing https://wso2.org/jira/browse/ESBJAVA-1659 for the passthru transport - but if I understand correctly this only solves the issue of a header having multiple values and not multiple headers by the same name?
If you read the test case there, you'll see that this is the exact issue. > > > Thanks, > > Ravi > > > > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
