[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mod_session_cookie and duplicate headers

Hi everybody,

I noticed that several bugs have been reporting duplicate Set-Cookie
headers in responses when using mod_session_cookie:

And possibly others.. The last one contains a simple patch that avoids
mod-session_cookie to set the header in both r->headers_out and
r->err_headers_out, that IIUC from their semantics should not be used
together for the same header. I tried the patch and it seems working,
but I am not sure if there are drawbacks in committing it. From what I
can see leaving only the header in err_headers_out should not break
any existing use case and fix the duplication.


Thanks in advance,