On Thu, Jun 16, 2011 at 18:41, Joe Lewis <[email protected]> wrote: > On Thu, 2011-06-16 at 12:32 -0400, Shawn Ligocki wrote: > >> On Thu, Jun 16, 2011 at 11:57 AM, Joe Lewis <[email protected]> wrote: >> >> > On Thu, 2011-06-16 at 17:46 +0200, Sorin Manolache wrote: >> > >> > > >> > > Can I get this response just by changing the configuration of apache? >> > > >> > > "Header edit cookie_name(.*)domain=[^;]+(.*) >> > > cookie_name$1domain=.domain.net$2" does not help as it only moves the >> > > cookie from one domain to the other and I want it copied, not moved. >> > >> > >> > That is really how it should be. A second header of the same name isn't >> > really allowed in the specification. >> >> >> I believe the HTTP spec does allow multiple Set-Cookie HTTP headers: >> >> From RFC 2616, Section >> 4.2<http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.4.2.p.5> >> : >> >> Multiple message-header fields with the same field-name *may* be present in >> > a message if and only if the entire field-value for that header field is >> > defined as a comma-separated list [i.e., #(values)]. It *must* be possible >> > to combine the multiple header fields into one "field-name: field-value" >> > pair, without changing the semantics of the message, by appending each >> > subsequent field-value to the first, each separated by a comma. The order >> > in >> > which header fields with the same field-name are received is therefore >> > significant to the interpretation of the combined field value, and thus a >> > proxy *must not* change the order of these field values when a message is >> > forwarded. > > > Sorin, there is your answer. Set the header to a single value > containing both cookies. Thanks, Shawn!
Thanks, I've tried, but it does not work. First, Firefox seems to simply ignore the second cookie. I do "Set-Cookie: a=1,b=2" and I see only a=1 in my cookie collection. Second, there's the problem with "expires". Typically its syntax is "Mon, 15-Aug-2011 10:00:00 GMT", i.e. it contains a comma. So I think that Set-Cookie does not satisfy the condition "It *must* be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message" Sorin
