Bug 48295

Summary: ProxyPassReverseCookiePath: Not changing path correctly.
Product: Apache httpd-2 Reporter: Jie Gao <J.Gao>
Component: mod_proxyAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: REOPENED ---    
Severity: normal    
Priority: P2    
Version: 2.2.14   
Target Milestone: ---   
Hardware: PC   
OS: Linux   

Description Jie Gao 2009-11-27 22:26:38 UTC
From Apache documentation:

"Usage is basically similar to ProxyPassReverse, but instead of rewriting headers that are a URL, this rewrites the path string in Set-Cookie headers."

It does not seem to be the case.

Example:

<Location /sss/>
ProxyHTMLEnable On
ProxyPass http://backend.server/
ProxyPassReverse /
ProxyHTMLURLMap / /sss/
ProxyPassReverseCookiePath / /sss/
</Location>

This will rewrite cookie path from backend server's /cgi-bin to /sss/ for the frontend server.

Is this intended behaviour?



Jie
Comment 1 Eric Covener 2009-11-28 03:59:59 UTC
Post verbatim headers of the bug you're describing.
Comment 2 Jie Gao 2009-11-28 17:47:34 UTC
Script setting the cookie:

#!/usr/bin/perl -w

use strict;
use CGI;

my $q = new CGI;

my $cookie_1 = $q->cookie(-name=>'jie_COOKIE_1',
    -value=>'BEST_COOKIE=chocolatechip',
    -domain=>'www-dev.xxxxxx.xxx.xx',
    -path=>'/cgi-bin');

print $q->header(-cookie=>$cookie_1);


print $q->start_html('My cookie-set.cgi program');
print $q->h3('The cookie has been set');

print $q->end_html;
-----------------------------------------------------

Running it directly to the backend server


HTTP/1.0 200 OK
Date: Sun, 29 Nov 2009 01:42:56 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: jie_COOKIE_1=BEST_COOKIE%3Dchocolatechip; domain=xxx.xxx.xxx; path=/cgi-bin
Content-Type: text/html; charset=ISO-8859-1
X-Cache: MISS from www-cacheE.xxx.xxx.xx
X-Cache-Lookup: MISS from www-cacheE.xxx.xxx.xx:8080
Via: 1.0 www-cacheE.xxx.xxx.xx:8080 (squid/2.6.STABLE5)
Proxy-Connection: close

Running it on the rp server:

HTTP/1.0 200 OK
Date: Sun, 29 Nov 2009 01:46:24 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Type: text/html; charset=utf-8
Set-Cookie: jie_COOKIE_1=BEST_COOKIE%3Dchocolatechip; domain=www-dev.xxx.xxx.xx; path=/sss/
X-Cache: MISS from www-cacheE.xxxx.xxx.xx
X-Cache-Lookup: MISS from www-cacheE.xxx.xxx.xx:8080
Via: 1.0 www-cacheE.xxx.xx.xx:8080 (squid/2.6.STABLE5)
Proxy-Connection: close
Comment 3 Nick Kew 2009-11-28 18:33:58 UTC
Path is defined as the component of the URL up to and including the rightmost slash.  So the path of "/cgi-bin" is "/".
Comment 4 Jie Gao 2009-11-28 19:17:34 UTC
I changed the script to set the cookie path to "/cgi-bin/', but I got the same
result from the RP as before.
Comment 5 Jie Gao 2009-11-28 19:19:54 UTC
I changed the script to set the cookie path to "/cgi-bin/', but I got the same
result from the RP as before.
Comment 6 Jie Gao 2009-11-29 18:34:50 UTC
From rfc 2965:

Path    Defaults to the path of the request URL that generated the
           Set-Cookie2 response, up to and including the right-most /.
Comment 7 Jie Gao 2009-11-30 16:02:01 UTC
*** Bug 48312 has been marked as a duplicate of this bug. ***
Comment 8 Mark Thomas 2009-11-30 16:46:36 UTC
Note that due to a data loss on 26/27 Nov 2009 the issue that was originally created as bug 48295 was lost. It has been re-created as bug 48306.