You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2013/10/13 14:27:54 UTC
svn commit: r1531679 - in /httpd/httpd/trunk: CHANGES
modules/session/mod_session.c
Author: minfrin
Date: Sun Oct 13 12:27:54 2013
New Revision: 1531679
URL: http://svn.apache.org/r1531679
Log:
mod_session: After parsing the value of the header specified by the
SessionHeader directive, remove the value from the response. PR 55279.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/session/mod_session.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1531679&r1=1531678&r2=1531679&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sun Oct 13 12:27:54 2013
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_session: After parsing the value of the header specified by the
+ SessionHeader directive, remove the value from the response. PR 55279.
+ [Graham Leggett]
+
*) mod_auth_form: Make sure the optional functions are loaded even when
the AuthFormProvider isn't specified. [Graham Leggett]
Modified: httpd/httpd/trunk/modules/session/mod_session.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session.c?rev=1531679&r1=1531678&r2=1531679&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session.c Sun Oct 13 12:27:54 2013
@@ -443,6 +443,8 @@ static apr_status_t session_output_filte
override = apr_table_get(r->headers_out, conf->header);
}
if (override) {
+ apr_table_unset(r->err_headers_out, conf->header);
+ apr_table_unset(r->headers_out, conf->header);
z->encoded = override;
z->dirty = 1;
session_identity_decode(r, z);