From: Eric Covener Date: Fri, 9 Jan 2009 22:05:00 +0000 (+0000) Subject: backport r104924: X-Git-Tag: 2.0.64~103 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15e564f7f22296cf6f3fdca4ab543ee67f2ca5f1;p=thirdparty%2Fapache%2Fhttpd.git backport r104924: Fix Bug 18388 (Set-Cookie in 304) Reviewed By: fielding, wrowe, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@733168 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index cb171e8d4ca..0c0921790c6 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,9 @@ Changes with Apache 2.0.64 mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem] + *) Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass + through on a 304 response. [Nick Kew] + Changes with Apache 2.0.63 *) winnt_mpm: Resolve modperl issues by redirecting console mode stdout diff --git a/STATUS b/STATUS index d19f50047ba..0a92038a774 100644 --- a/STATUS +++ b/STATUS @@ -124,12 +124,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: http://people.apache.org/~fuankg/diffs/httpd-2.0.x-ap_vhost_iterate_given_conn.diff +1: fuankg, wrowe, pgollucci - * Backport 104924: PR 18388; Add Set-Cookie and Set-Cookie2 to the - list of headers allowed to pass through on a 304 response. - This has been in trunk since 2004, released in 2.2.0. - http://svn.apache.org/viewvc?view=rev&revision=104924 - +1: fielding, wrowe, covener - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to identify exactly what the proposed changes are! Add all new diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c index deff80bc399..163a9091546 100644 --- a/modules/http/http_protocol.c +++ b/modules/http/http_protocol.c @@ -1752,6 +1752,8 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f, "Warning", "WWW-Authenticate", "Proxy-Authenticate", + "Set-Cookie", + "Set-Cookie2", NULL); } else {