You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Emmanuel Dreyfus <ma...@netbsd.org> on 2017/11/17 16:13:29 UTC

Cookies and sessions bugfixes

Hello

I few months ago, I submitted a few bug fixes, and 
they got coompletely ignored. Is there some step I 
missed in in the patch submisssion process?

It would be nice is eomone coule have a look at it:


1) Add Expires parameters in Apache-issued cookies
https://bz.apache.org/bugzilla/show_bug.cgi?id=60908

Apache issued cookies set the Max-Age parameter, but this
is ignored by MSIE and MS Edge, which only consider the
Expires parameter. The patch makes sur both are included


2) Do not send Set-Cookie header twice
https://bz.apache.org/bugzilla/show_bug.cgi?id=60910

Apache sends the Set-Cookie header twice for successful 
requests.  The patch makes sure it exists only once.


3) Do not save expiry in empty session
https://bz.apache.org/bugzilla/show_bug.cgi?id=60909

When a session is empty, do not save a add lone expiry
key. 


And that one seems to be obsolete because someone else
did the same work and got it committed in tree:
https://bz.apache.org/bugzilla/show_bug.cgi?id=60708


-- 
Emmanuel Dreyfus
manu@netbsd.org

Re: Cookies and sessions bugfixes

Posted by Luca Toscano <to...@gmail.com>.

Hi Emmanuel,

2017-11-17 17:13 GMT+01:00 Emmanuel Dreyfus <ma...@netbsd.org>:

> Hello
>
> I few months ago, I submitted a few bug fixes, and
> they got coompletely ignored. Is there some step I
> missed in in the patch submisssion process?
>
> It would be nice is eomone coule have a look at it:
>
>
Thanks a lot for the code patches, you didn't miss any step, the only
trouble is that there are a lot of bugs opened and not enough time to go
through all of them (including security issues). I am completely ignorant
about those modules but I'll try to help, I'd suggest to keep following up
in bugzilla for the moment.

Luca