httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xtophr99 <xtoph...@gmail.com>
Subject [users@httpd] Duplicate Set-Cookie: Headers coming back from server when using mod_auth_form/mod_session
Date Thu, 06 Jun 2013 20:44:48 GMT
Hi,

Mod_auth_form seems to be working as intended when accessing static html
pages protected by mod_auth_form, however, when I run a packet dump, I'm
seeing duplicate identical Set-Cookie: headers coming from Apache.  I'm
running Fedora 18 using the latest RPM packages (nothing compiled
separately).

httpd-2.4.4-3.fc18
mod_session-2.4.4-3.fc18 (which includes mod_auth_form).

For 200 responses, the headers are:

Date:
Server:
Set-Cookie:
authsession=............................;Max-Age=15;path=/protected
Last-Modified:
ETag:
Accept-Ranges:
Content-Length:
Cache-Control:
Set-Cookie:
authsession=............................;Max-Age=15;path=/protected
Keep-Alive:
Connection:
Content-Type:

............................ contains the username, password, expiry
information

For 304's, the header order is:
Date:
Server:
Connection:
Keep-Alive:
ETag:
Cache-Control:
Set-Cookie:
authsession=............................;Max-Age=15;path=/protected
Set-Cookie:
authsession=............................;Max-Age=15;path=/protected


Is this standard behavior, have I done something wrong perhaps, and/or is
this going to give me problems once I start needing programs to access the
cookie data?

Thanks

Mime
View raw message