You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Dave Rolsky <au...@urth.org> on 2002/02/04 06:41:49 UTC

mod_proxy bug in Apache 1.3.23

Since a lot of folks end up using mod_proxy in a dual-server setup, I
thought I'd let people know of this bug (which I discovered after several
hours of pounding my head against a brick wall).

The version of mod_proxy shipped with Apache 1.3.23 will silently drop
multiple Set-Cookie headers, leaving only the last one.  So if your
mod_perl app (on a backend server) tries to set multiple cookies, only the
last one makes it through.

This will break your app, for obvious reasons.  Its already been reported
in the Apache bug DB:

http://bugs.apache.org/index.cgi/full/9595

http://bugs.apache.org/index.cgi/full/9655


-dave

/*==================
www.urth.org
we await the New Sun
==================*/