We are trying to use mod_headers to append the httponly parameter on a HTTP
response. We are using the latest 2.2 version
But we can't seem to get it work
To simplify our testing we have written a small cgi program to emit a
set-cookie header.
When we add the following line to the httpd.conf file:
Header edit Set-Cookie ^(.*)$ $1;Secure;HttpOnly
The parameter is not added. It is the only set-cookie header that is
issued.
We have tried many different options and the edit function never seems to
"kick in".
Any ideas?
Many thanks
John
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
