You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Alex Menendez <am...@macromedia.com> on 2002/04/03 07:44:30 UTC
Multiple Cookie Header Bug with Apache::ProxyRewrite
hello, Christian
I found a bug with how Apache::ProxyRewite handles cookies.
Our proxy server was trying to display a remote application that heavily uses cookies butthe application was failing miserably.
I compared the headers of what the proxy server was sending to the client vs. what the remote server was displaying. the proxy server was only sending one (the last one) of 4 Set-Cookie headers.
The problems lies in the way that all headers are set:
$r->headers_out->{$header} = $value;
I patched the server by changing sum code in: sub respond { }
to allow for multiple cookie headers.
Here is what I did:
# feed reponse back into our request_record
$response->scan(sub {
my ($header, $value) = @_;
$r->log->debug("respond: OUT $header: $value");
if ($header =~ /^Set-Cookie/i) {
$value =~ /path=([^;]+)/i;
my $cookie_path = $1;
&rewrite_url($r, $remote_site, \$cookie_path, $mapref);
$value =~ s/(path=)([^;]+)/$1$cookie_path/i;
# Multiple Cookie Patch added by amen
# 04/03/2002
$r->headers_out->add( 'Set-Cookie' => $value );
$r->log->debug("respond: OUT-MOD $header: $value");
} else {
$r->headers_out->{$header} = $value;
}
});
Makes sense :)
thanx for writing this,
-amen
BTW> we are using version 0.15
RE: Multiple Cookie Header Bug with Apache::ProxyRewrite
Posted by Christian Gilmore <cg...@tivoli.com>.
Alex,
Thanks for the report! I'll look into it and your provided patch as soon
as I have a chance.
Thanks,
Christian
-----------------
Christian Gilmore
Technology Leader
GeT WW Global Applications Development
IBM Software Group
> -----Original Message-----
> From: Alex Menendez [mailto:amenendez@macromedia.com]
> Sent: Tuesday, April 02, 2002 11:45 PM
> To: 'cgilmore@tivoli.com'; 'cag@us.ibm.com'
> Cc: 'modperl@apache.org'; Sean Corfield; Alex Menendez
> Subject: Multiple Cookie Header Bug with Apache::ProxyRewrite
>
>
> hello, Christian
>
> I found a bug with how Apache::ProxyRewite handles cookies.
>
> Our proxy server was trying to display a remote application
> that heavily uses cookies butthe application was failing miserably.
>
> I compared the headers of what the proxy server was sending
> to the client vs. what the remote server was displaying. the
> proxy server was only sending one (the last one) of 4
> Set-Cookie headers.
>
> The problems lies in the way that all headers are set:
> $r->headers_out->{$header} = $value;
>
> I patched the server by changing sum code in: sub respond { }
> to allow for multiple cookie headers.
>
> Here is what I did:
> # feed reponse back into our request_record
> $response->scan(sub {
> my ($header, $value) = @_;
> $r->log->debug("respond: OUT $header: $value");
> if ($header =~ /^Set-Cookie/i) {
> $value =~ /path=([^;]+)/i;
> my $cookie_path = $1;
> &rewrite_url($r, $remote_site,
> \$cookie_path, $mapref);
> $value =~ s/(path=)([^;]+)/$1$cookie_path/i;
>
> # Multiple Cookie Patch added by amen
> # 04/03/2002
> $r->headers_out->add( 'Set-Cookie' => $value );
> $r->log->debug("respond: OUT-MOD
> $header: $value");
> } else {
> $r->headers_out->{$header} = $value;
> }
> });
>
> Makes sense :)
>
> thanx for writing this,
> -amen
>
> BTW> we are using version 0.15
>