Well, there's no problem there. Checking the head looks ok: my tests
show three Set-Cookie statements:
$ curl -I --cookie
"auth_tkt=ZjY4MDk5NWYwOTRlODNmNGJiNDhlNmI0ZmY4M2ZkZjM0NTdjMDA3Y21sQG1lbGFuZ2UtaXQubmwhMTE2NTc1NDQ5Mjo4Mi45Mi45NS4yMDI=;
domain=main.domain.com;" http://main.domain.com/logout
HTTP/1.1 200 OK
Date: Sun, 10 Dec 2006 12:50:09 GMT
Server: Apache
Set-Cookie: auth_tkt=; path=/; domain=main.domain.com; expires=Sun,
10-Dec-2006 11:50:09 GMT
Set-Cookie: auth_tkt=; path=/; domain=first.domain.com; expires=Sun,
10-Dec-2006 11:50:09 GMT
Set-Cookie: auth_tkt=; path=/; domain=second.domain.com; expires=Sun,
10-Dec-2006 11:50:09 GMT
Refresh: 0;URL=http://www.domain.com/login.html
Content-Type: text/plain
Is this a browser related problem??
Philip M. Gollucci wrote:
John ORourke wrote:
Very strange then... My best guess is the browser will only accept
one cookie with a given name in a given set of headers - check the
response headers to see that they're all there, then you know it's
the browser. I found the Web Developers Toolbar for Firefox very
useful when doing my cookie code - you can view, manually add, clear
session cookies, clear domain cookies, view which cookies will be
sent to the server, view response headers etc.
Like um ---
curl -I -Hmyheader URI
never trust a browser -- just make you send what you mean to send.
