Hi, Mod_auth_form seems to be working as intended when accessing static html pages protected by mod_auth_form, however, when I run a packet dump, I'm seeing duplicate identical Set-Cookie: headers coming from Apache. I'm running Fedora 18 using the latest RPM packages (nothing compiled separately).
httpd-2.4.4-3.fc18 mod_session-2.4.4-3.fc18 (which includes mod_auth_form). For 200 responses, the headers are: Date: Server: Set-Cookie: authsession=............................;Max-Age=15;path=/protected Last-Modified: ETag: Accept-Ranges: Content-Length: Cache-Control: Set-Cookie: authsession=............................;Max-Age=15;path=/protected Keep-Alive: Connection: Content-Type: ............................ contains the username, password, expiry information For 304's, the header order is: Date: Server: Connection: Keep-Alive: ETag: Cache-Control: Set-Cookie: authsession=............................;Max-Age=15;path=/protected Set-Cookie: authsession=............................;Max-Age=15;path=/protected Is this standard behavior, have I done something wrong perhaps, and/or is this going to give me problems once I start needing programs to access the cookie data? Thanks