Bug 62208

Summary: ProxyPassReverseCookieDomain replaces cookie value instead of domain if cookie name ends with "domain"
Product: Apache httpd-2 Reporter: Matthias Lehr <matthias.lehr>
Component: mod_proxyAssignee: Apache HTTPD Bugs Mailing List <bugs>
Severity: normal    
Priority: P2    
Version: 2.4.29   
Target Milestone: ---   
Hardware: All   
OS: Linux   

Description Matthias Lehr 2018-03-21 19:20:16 UTC
i stumbled upon this, when i tried to set a domain for a "domainless" 
proxied cookie (related: Bug 44322, thanx for the 
ProxyPassReverseCookiePath path trick ;-) )

How to reproduce
response header line from origin server

Set-Cookie: MYDOMAIN=test.somewhere.com; domain=.somewhere.com

proxy directive
ProxyPassReverseCookieDomain somewhere.com other.somewhere.com

results in response header from proxy
Set-Cookie: MYDOMAIN=other.somewhere.com; domain=.somewhere.com

but should be  
Set-Cookie: MYDOMAIN=test.somewhere.com; domain=other.somewhere.com

BUG: value instead of domain was replaced 

same for ProxyPassReverseCookiePath
the search/replace should start after the corresponding separator ";"
Comment 1 Christophe JAILLET 2018-08-03 05:16:45 UTC
Looks like a duplicate of  bug 61560.
This is fixed in 2.4.34.

Should you still have this issue, feel free to re-open.

*** This bug has been marked as a duplicate of bug 61560 ***