Bug 62208 - ProxyPassReverseCookieDomain replaces cookie value instead of domain if cookie name ends with "domain"
Summary: ProxyPassReverseCookieDomain replaces cookie value instead of domain if cooki...
Status: RESOLVED DUPLICATE of bug 61560
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy (show other bugs)
Version: 2.4.29
Hardware: All Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2018-03-21 19:20 UTC by Matthias Lehr
Modified: 2018-08-03 05:16 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Lehr 2018-03-21 19:20:16 UTC
i stumbled upon this, when i tried to set a domain for a "domainless" 
proxied cookie (related: Bug 44322, thanx for the 
ProxyPassReverseCookiePath path trick ;-) )

How to reproduce
response header line from origin server

Set-Cookie: MYDOMAIN=test.somewhere.com; domain=.somewhere.com

proxy directive
ProxyPassReverseCookieDomain somewhere.com other.somewhere.com

results in response header from proxy
Set-Cookie: MYDOMAIN=other.somewhere.com; domain=.somewhere.com

but should be  
Set-Cookie: MYDOMAIN=test.somewhere.com; domain=other.somewhere.com

BUG: value instead of domain was replaced 

same for ProxyPassReverseCookiePath
the search/replace should start after the corresponding separator ";"
Comment 1 Christophe JAILLET 2018-08-03 05:16:45 UTC
Looks like a duplicate of  bug 61560.
This is fixed in 2.4.34.

Should you still have this issue, feel free to re-open.

*** This bug has been marked as a duplicate of bug 61560 ***