mod_session: After parsing the value of the header specified by the

author Graham Leggett <minfrin@apache.org>

Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)

committer Graham Leggett <minfrin@apache.org>

Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)
author Graham Leggett <minfrin@apache.org>
Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)
committer Graham Leggett <minfrin@apache.org>
Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)
diff --git a/CHANGES b/CHANGES

index e5bad54100531df84247ebb43a2717e611f35ee8..0c583f9e14b94c80f22740499fc8309e0a9492c6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                           -*- coding: utf-8 -*-
  Changes with Apache 2.5.0
  
+  *) mod_session: After parsing the value of the header specified by the
+     SessionHeader directive, remove the value from the response. PR 55279.
+     [Graham Leggett]
+
    *) mod_auth_form: Make sure the optional functions are loaded even when
       the AuthFormProvider isn't specified. [Graham Leggett]
  
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c

index 7213eb3c8e999fa9f936cde40d6485afc9d31a3b..5a8ca4d8cb9008f0afb429d0042505f3a9b350c0 100644 (file)
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -443,6 +443,8 @@ static apr_status_t session_output_filter(ap_filter_t * f,
                  override = apr_table_get(r->headers_out, conf->header);
              }
              if (override) {
+                apr_table_unset(r->err_headers_out, conf->header);
+                apr_table_unset(r->headers_out, conf->header);
                  z->encoded = override;
                  z->dirty = 1;
                  session_identity_decode(r, z);
author	Graham Leggett <minfrin@apache.org>
	Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)
committer	Graham Leggett <minfrin@apache.org>
	Sun, 13 Oct 2013 12:27:54 +0000 (12:27 +0000)
CHANGES		patch \| blob \| history
modules/session/mod_session.c		patch \| blob \| history