From: Graham Leggett <minfrin@apache.org>
Date: Fri, 23 Nov 2018 15:34:40 +0000 (+0000)
Subject: *) mod_session_cookie: avoid duplicate Set-Cookie headers in the response.
X-Git-Tag: 2.4.38~67
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5fe15b4d1fb0db716dba590b5fa138b864dce52f;p=thirdparty%2Fapache%2Fhttpd.git

*) mod_session_cookie: avoid duplicate Set-Cookie headers in the response.
   trunk patch: http://svn.apache.org/r1843244
+1: elukey, jim, minfrin


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1847288 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 4f166a88efd..7762b618f9c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.38
 
+  *) mod_session_cookie: avoid duplicate Set-Cookie header in the response.
+     [Emmanuel Dreyfus <manu@netbsd.org>, Luca Toscano]
+
   *) mod_ssl: clear *SSL errors before loading certificates and checking
      afterwards. Otherwise errors are reported when other SSL using modules
      are in play. Fixes PR 62880. [Michael Kaufmann]
diff --git a/STATUS b/STATUS
index 771aafea4f1..5cec43e76b4 100644
--- a/STATUS
+++ b/STATUS
@@ -126,12 +126,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  *) mod_session_cookie: avoid duplicate Set-Cookie headers in the response.
-     trunk patch: http://svn.apache.org/r1843244
-     2.4.x patch: svn merge -c 1843244 ^/httpd/httpd/trunk .
-     +1: elukey, jim, minfrin
-     elukey: test added in http://svn.apache.org/r1844468
-
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
diff --git a/modules/session/mod_session_cookie.c b/modules/session/mod_session_cookie.c
index 6a02322bf19..a010ee7163a 100644
--- a/modules/session/mod_session_cookie.c
+++ b/modules/session/mod_session_cookie.c
@@ -67,7 +67,7 @@ static apr_status_t session_cookie_save(request_rec * r, session_rec * z)
     if (conf->name_set) {
         if (z->encoded && z->encoded[0]) {
             ap_cookie_write(r, conf->name, z->encoded, conf->name_attrs,
-                            z->maxage, r->headers_out, r->err_headers_out,
+                            z->maxage, r->err_headers_out,
                             NULL);
         }
         else {
@@ -80,7 +80,7 @@ static apr_status_t session_cookie_save(request_rec * r, session_rec * z)
     if (conf->name2_set) {
         if (z->encoded && z->encoded[0]) {
             ap_cookie_write2(r, conf->name2, z->encoded, conf->name2_attrs,
-                             z->maxage, r->headers_out, r->err_headers_out,
+                             z->maxage, r->err_headers_out,
                              NULL);
         }
         else {