You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Luigi Bellio <lu...@gmail.com> on 2023/11/14 20:09:10 UTC
RE: Re: Re: [users@httpd] Unable to unset Set-Cookie response header&In-Reply-To=
Hi Rainer,
I tried also in this way but the "Set-Cookie" response header is
present.
I did further tests ... the response header is set also when
returning static resources, for example
Set-Cookie:
7133ee39c88e27dfb06de1e1feafdacd=64ca85231009a6bb674397ffaccb3d14;
path=/; HttpOnly; Secure; SameSite=None
can I disable Apache HTTPd cookie generation?
Thanks for your support,
Luigi.
On 2023/11/14 15:53:17 Rainer Canavan wrote:
> On Tue, Nov 14, 2023 at 3:24 PM Luigi Bellio <lu...@gmail.com> wrote:
> >
> > Hi Eric,
> >
> > thanks for your feedback ... I just tried, nothing is changed ...
> > moreover as documented the "always" directive should apply to all
> > response codes not only "on success".
>
> You're missing one important issue the documentation raises:
> https://httpd.apache.org/docs/2.4/mod/mod_headers.html#header
> "always" and "onsuccess" apply to different sets of headers, therefore it
> might help if you try duplicating your 'Header unset' line, one with
*and* one
> without "always".
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: Re: Re: [users@httpd] Unable to unset Set-Cookie response header&In-Reply-To=
Posted by Eric Covener <co...@gmail.com>.
On Tue, Nov 14, 2023 at 3:11 PM Luigi Bellio <lu...@gmail.com> wrote:
>
> Hi Rainer,
>
> I tried also in this way but the "Set-Cookie" response header is present.
>
> I did further tests ... the response header is set also when returning static resources, for example
>
> Set-Cookie: 7133ee39c88e27dfb06de1e1feafdacd=64ca85231009a6bb674397ffaccb3d14; path=/; HttpOnly; Secure; SameSite=None
Maybe something between the test client and Apache explains why you
can't unset it in Apache?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org