Received: (qmail 25670 invoked by uid 501); 26 Jan 2002 23:08:28 -0000 Message-Id: <20020126230828.25669.qmail@apache.org> Date: 26 Jan 2002 23:08:28 -0000 From: Brendan Bank Reply-To: brendan@gnarst.net To: submit@bugz.apache.org Subject: problem with libproxy and Set-Cookie headers X-Send-Pr-Version: 3.110 >Number: 9609 >Category: mod_proxy >Synopsis: problem with libproxy and Set-Cookie headers >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: apache >Arrival-Date: Sat Jan 26 15:10:00 PST 2002 >Closed-Date: >Last-Modified: >Originator: brendan@gnarst.net >Release: Apache/1.3.22 (Unix) >Organization: apache >Environment: FreeBSD banzai2.gnarst.net 4.5-PRERELEASE FreeBSD 4.5-PRERELEASE #2: Apache/1.3.22 (Unix) DAV/1.0.2 mod_ssl/2.8.5 OpenSSL/0.9.6a >Description: If a server actis like a proxy but inserts a Cookie it will not send the cookie back to the client. This is caulsed by the fact that not all r->headers_out are checked before the request is send back to the client. >How-To-Repeat: configure a rewrite rule: RewriteRule ^bla/(.*) https://bla.gnarst.net/bal/$1 [P] and have the proxy (the server which hold the configuration above this line) insert a cookie. It will not be send back to the client. >Fix: *** modules/proxy/proxy_http.c 2002/01/26 22:51:58 1.1 --- modules/proxy/proxy_http.c 2002/01/26 22:56:12 *************** *** 355,363 **** --- 355,370 ---- continue; ap_bvputs(f, reqhdrs[i].key, ": ", reqhdrs[i].val, CRLF, NULL); } + if ((cookie = ap_table_get(r->headers_out, "Set-Cookie")) != NULL) { + ap_bvputs(f, "Set-Cookie: ", cookie, CRLF, NULL); + ap_log_rerror(APLOG_MARK, APLOG_NOTICE, r, + "ap_bvputs Set-Cookie found headers_out: %s", cookie); + } + ap_bputs(CRLF, f); + /* send the request data, if any. */ if (ap_should_client_block(r)) { while ((i = ap_get_client_block(r, buffer, sizeof buffer)) > 0) *************** *** 517,524 **** --- 524,542 ---- /* send headers */ tdo.req = r; tdo.cache = c; ap_table_do(ap_proxy_send_hdr_line, &tdo, resp_hdrs, NULL); + + if ((cookie = ap_table_get(r->err_headers_out, "Set-Cookie")) != NULL) { + ap_rvputs(r, "Set-Cookie: ", cookie, CRLF, NULL); + ap_log_rerror(APLOG_MARK, APLOG_NOTICE, r, + "ap_rvputs Set-Cookie found err_headers_out: %s", cookie); + } + else if ((cookie = ap_table_get(r->headers_out, "Set-Cookie")) != NULL) { + ap_rvputs(r, "Set-Cookie: ", cookie, CRLF, NULL); + ap_log_rerror(APLOG_MARK, APLOG_NOTICE, r, + "ap_rvputs Set-Cookie found headers_out: %s", cookie); + } if (!r->assbackwards) ap_rputs(CRLF, r); if (c != NULL && c->fp != NULL && ap_bputs(CRLF, c->fp) == -1) { >Release-Note: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, you need] [to include in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]