httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 55279] mod_session sends the cookie-altering header out in plain-text
Date Sun, 21 Jul 2013 13:20:15 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=55279

--- Comment #1 from Graham Leggett <minfrin@sharp.fm> ---
It should not be necessary no, this was not what was intended.

Can you verify that this fixes it for you:

Index: modules/session/mod_session.c
===================================================================
--- modules/session/mod_session.c    (revision 1501510)
+++ modules/session/mod_session.c    (working copy)
@@ -443,6 +443,8 @@
                 override = apr_table_get(r->headers_out, conf->header);
             }
             if (override) {
+                apr_table_unset(r->err_headers_out, conf->header);
+                apr_table_unset(r->headers_out, conf->header);
                 z->encoded = override;
                 z->dirty = 1;
                 session_identity_decode(r, z);

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message