Hi,
Mod_auth_form seems to be working as intended when accessing static html pages protected by mod_auth_form, however, when I run a packet dump, I'm seeing duplicate identical Set-Cookie: headers coming from Apache. I'm running Fedora 18 using the latest RPM packages (nothing compiled separately).
httpd-2.4.4-3.fc18
mod_session-2.4.4-3.fc18 (which includes mod_auth_form).
For 200 responses, the headers are:
Date:
Server:
Set-Cookie: authsession=............................;Max-Age=15;path=/protected
Last-Modified:
ETag:
Accept-Ranges:
Content-Length:
Cache-Control:
Set-Cookie: authsession=............................;Max-Age=15;path=/protected
Keep-Alive:
Connection:
Content-Type:
............................ contains the username, password, expiry information
For 304's, the header order is:
Date:
Server:
Connection:
Keep-Alive:
ETag:
Cache-Control:
Set-Cookie: authsession=............................;Max-Age=15;path=/protected
Set-Cookie: authsession=............................;Max-Age=15;path=/protected
Is this standard behavior, have I done something wrong perhaps, and/or is this going to give me problems once I start needing programs to access the cookie data?
Thanks
