httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <>
Subject Re: general/2615: Set-Cookie not sent with Redirect response
Date Tue, 22 Dec 1998 22:35:27 GMT
Aaron wrote:
> I've been using a patch similar to the one I included with the PR for a
> few months now without any noticable problems or incompatibilities.
> My question is, is it in fact 'illegal' to send a Set-Cookie with
> redirects or other non-2XX responses?  I poked around looking for
> some documentation on the subject but found nothing.

My lazy answer is that the CPAN CGI module sends cookies with redirects,
and they work. The non-lazy answer is RTFR (Read The F***** RFC).

If the RFC says you can't, that's a great shame, coz there's a bleedin'
obvious circumstance where you want to do this - you've just logged in,
posted your id/password to some form handler, and it wants to plant a
cookie on you proving this and redirect you to some useful content
rather than a "thankyou for logging in" page.


Ben [yeah, sometimes I actually mess with websites and not just

Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|
and Technical Director|Email: |
A.L. Digital Ltd,     |Apache-SSL author
London, England.      |"Apache: TDG"

View raw message