From: willy tarreau Date: Tue, 9 May 2006 21:32:26 +0000 (+0200) Subject: [MINOR] set the expiration date when removing a cookie X-Git-Tag: v1.2.13~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f7a1012658a377d1ba3c0c86ad69ff0ee5f18e6;p=thirdparty%2Fhaproxy.git [MINOR] set the expiration date when removing a cookie It was specified in the documentation that a cookie would be deleted if the client was switched to a cookie-less server such as a backup server, in order to avoid stickyness on errors. To achieve this, an empty cookie was returned. It seems this no longer works (at least with Firefox 1.5 and Mozilla 1.8a5), because the browser returns the empty cookie. The cookie specification says that in order to remove a cookie, it must be accompanied by an expiration date in the past, so this is what we do. Tested on Mozilla 1.8a5, works. --- diff --git a/haproxy.c b/haproxy.c index 3532055e9f..0ca75caba5 100644 --- a/haproxy.c +++ b/haproxy.c @@ -4908,11 +4908,12 @@ int process_srv(struct session *t) { (!(t->proxy->options & PR_O_COOK_POST) || (t->flags & SN_POST))) { /* the server is known, it's not the one the client requested, we have to * insert a set-cookie here, except if we want to insert only on POST - * requests and this one isn't. + * requests and this one isn't. Note that servers which don't have cookies + * (eg: some backup servers) will return a full cookie removal request. */ len = sprintf(trash, "Set-Cookie: %s=%s; path=/\r\n", t->proxy->cookie_name, - t->srv->cookie ? t->srv->cookie : ""); + t->srv->cookie ? t->srv->cookie : "; Expires=Thu, 01-Jan-1970 00:00:01 GMT"); t->flags |= SN_SCK_INSERTED;