62208 – ProxyPassReverseCookieDomain replaces cookie value instead of domain if cookie name ends with "domain"

Bug 62208 - ProxyPassReverseCookieDomain replaces cookie value instead of domain if cookie name ends with "domain"

Summary: ProxyPassReverseCookieDomain replaces cookie value instead of domain if cooki...

Status:	RESOLVED DUPLICATE of bug 61560

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_proxy (show other bugs)
Version:	2.4.29
Hardware:	All Linux

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-03-21 19:20 UTC by Matthias Lehr
Modified:	2018-08-03 05:16 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Lehr 2018-03-21 19:20:16 UTC

i stumbled upon this, when i tried to set a domain for a "domainless" 
proxied cookie (related: Bug 44322, thanx for the 
ProxyPassReverseCookiePath path trick ;-) )

How to reproduce
response header line from origin server

Set-Cookie: MYDOMAIN=test.somewhere.com; domain=.somewhere.com

proxy directive
ProxyPassReverseCookieDomain somewhere.com other.somewhere.com

results in response header from proxy
Set-Cookie: MYDOMAIN=other.somewhere.com; domain=.somewhere.com

but should be  
Set-Cookie: MYDOMAIN=test.somewhere.com; domain=other.somewhere.com

BUG: value instead of domain was replaced 

same for ProxyPassReverseCookiePath
the search/replace should start after the corresponding separator ";"

Comment 1 Christophe JAILLET 2018-08-03 05:16:45 UTC

Looks like a duplicate of  bug 61560.
This is fixed in 2.4.34.

Should you still have this issue, feel free to re-open.

*** This bug has been marked as a duplicate of bug 61560 ***