You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/03/22 14:10:49 UTC

DO NOT REPLY [Bug 7362] New: - proxy module doesn't allow accurate cookie cheking

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7362>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7362

proxy module doesn't allow accurate cookie cheking

           Summary: proxy module doesn't allow accurate cookie cheking
           Product: Apache httpd-1.3
           Version: 1.3.23
          Platform: PC
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Modules
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: s_i_lao@gmx.net


The OS I encountered this is win98se/cygwin w/ apache_1.3.23.
The bug manifests as following:

Having the proxy module installed and configured (as a dll module), everything
works well until the user attempts to login to a site that uses cookies for this
(i.e. mail.yahoo.com or www.hotmail.com). Then the site sets its cookies but is
unable to  verify them, thus not allowing access.

I have to mention that this is not a CONNECT problem, as a secure login session
to mail.yahoo.com (which uses only https for this purpose) succeedes.

I solved this compiling the 1.3.22 sources in src/modules/proxy in 1.3.23 source
environment. The module worked properly.

I didn't test this on another OS.

                    SLao

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org