On Tue, Jun 28, 2016 at 2:29 PM, Rainer Canavan <rainer.cana...@sevenval.com
> wrote:
>
> It's not just the Cookie that's logged via %{}C that gets nonsense
> appended, but the cookie parser of e.g. PHP behaves the same. I think
> httpd could handle this better by not merging the headers or merging
> them in a way that is consistent with the syntax of the Cookie:
> response header. Since the original Cookie: header sent by the client
> gets corrupted by httpd, I'd even prefer dripping any additional
> headers over the current behaviour.
>
That's not nonsense, and dropping isn't an option. You need to review
https://tools.ietf.org/html/rfc7230#section-3.2.2
and stop and explain your confusion so we can assist.
