httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 18388] New: - Set-Cookie header not honored on 304 (Not modified) status
Date Wed, 26 Mar 2003 20:39:42 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18388>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18388

Set-Cookie header not honored on 304 (Not modified) status

           Summary: Set-Cookie header not honored on 304 (Not modified)
                    status
           Product: Apache httpd-2.0
           Version: 2.0.44
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Core
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: ryan.eberhard@entegrity.com


RFC 2109 -- HTTP State Management, e.g. cookies -- does not specify whether
cookies should be returned on requests with HTTP status codes other than 200. 
However, the earlier Netscape cookie specification did state that cookies should
be returned on other status codes, specifically 304 (Not modified).

Returning cookies during a 304 or 302 (Redirect) is very useful for
authorization / access-management products.

Can you please enable the Set-Cookie header during a 304?

Code to change is line 1675 of /modules/http/http_protocol.c.

Thanks!

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message