httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rief, Jacob" <Jacob.R...@Tiscover.com>
Subject mod_proxy (proxy_httpd.c >= v.1.83) splits single Set-Cookie valu e into two cookies
Date Fri, 01 Mar 2002 12:42:57 GMT
It seems as if the cookie-merging code in proxy_httpd.c version>=1.83
introduced a new bug.
In one special case a single valued cookie is splitted into
two cookies with garbage values (see below)
In this text I added a newline after each attribute-value-pair,
just in case the mailprogram wrappes the lines.

This is the httpd-request:
----------------------------------------------------
GET
http://10.2.2.124:8100/servlet/AdminServlet/6,de,SCH1,73/setdevcookie,true/S
tart.html;jsessionid=777777777777 HTTP/1.0

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword,
*/*

Referer:
http://10.2.2.124:8100/servlet/AdminServlet/6,de,SCH1,73/_/Start.html;jsessi
onid=777777777777

Accept-Language: de

Accept-Encoding: gzip, deflate

User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)

Host: 10.2.2.124:8100

Proxy-Connection: Keep-Alive
----------------------------------------------------


This is the header output from the native (non-proxied) webserver:
----------------------------------------------------
HTTP/1.1 200 OK

Date: Fri, 01 Mar 2002 11:53:34 GMT

Server: Apache/1.3.22 (Unix)  (Red Hat/Linux)

Set-Cookie: tis_developer=true;expires=Sat, 02-Mar-2002 11:47:03 GMT;path=/

Pragma: no-cache

Connection: Keep-alive, close

Expires: Fri, 01 Mar 2002 11:53:34 GMT

Cache-Control: no-cache="set-cookie,set-cookie2"

Content-Length: 5468

Content-Type: text/html; charset=ISO-8859-1
----------------------------------------------------

And this the header output if passed through the proxy-server,
compiled with the source for Apache-1.3.23 with proxy_httpd.c version 1.83,
and proxy_cache.c version 1.78.
----------------------------------------------------
HTTP/1.1 200 OK

Date: Fri, 01 Mar 2002 12:16:50 GMT

Server: Apache/1.3.23 (Unix)  (Red Hat/Linux) PHP/4.0.6 mod_ssl/2.8.6
OpenSSL/0.9.6

Cache-Control: no-cache="set-cookie,set-cookie2"

Content-Length: 5468

Content-Type: text/html; charset=ISO-8859-1

Expires: Fri, 01 Mar 2002 12:16:50 GMT

Pragma: no-cache

X-Cache: MISS from www.tiscover.at

Set-Cookie: tis_developer=true;domain=www.tiscover.at;expires=Sat

Set-Cookie:  02-Mar-2002 12:08:03 GMT;path=/

Connection: close
----------------------------------------------------

please note the difference in Set-Cookie. Could it be that
the ',' in the expire-date is interpreted as ';' ?

Regards, Jacob

Mime
View raw message