On Tue, Feb 16, 2021 at 4:52 PM DICKEY Rob <[email protected]> wrote: > > The source code appears to perform basic string comparisons to match the > stickysession token value against the route, but are there character or > length constraints to the route attribute?
The route is limited to 64 characters and must be preceded by a special character within the URL/cookie value (default character is '.', though stickysessionsep= might be used to change it). These are the only constraints I'm aware of.. But this means that the backend must set routed URLs/cookies of that form, otherwise some "automatic" routing can be performed like in https://httpd.apache.org/docs/2.4/en/mod/mod_proxy_balancer.html#example (the one using mod_headers). Regards; Yann. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
