v10 cookie insert problem

Not sure about the authority of the site, but this one says:

 

 

 

http://kristol.org/cookie/errata.htmlmulti-header

 

 

1. Can there be more than one Cookie header in a request?

 

 

Disposition:

 

 

We conclude that multiple Cookie headers may be present in a request. RFC 2965 has no specific words forbidding multiple Cookie headers, and the wording at least suggests the possibility of multiple headers.

 

 

2. Can multiple Cookie headers be combined?

 

 

If there can be more than one Cookie header in a request, can they be combined ("folded")?

 

 

Disposition: If so, then the syntax for Cookie needs to be changed.

 

 

Note: RFC 2616 (HTTP/1.1) says:

 

 

Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., (values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma.

 

 

In other words, multiple headers are allowed if and only if they can be combined.

 

 

 

 

So maybe it's not as clearly allowed in the RFC's. I know I've read that you can have multiple Set-Cookie(2) response headers. And this is something quite common to see.

 

 

You could check if the cookie exists with a value using 'HTTP::cookie exists $cookie_name'. You could modify the existing Cookie header using something like HTTP::header replace Cookie "[HTTP::header value Cookie]; new_cookie=new_value;".

 

 

It might also be interesting to check into the .NET code (or library?) you're using to see if there are any known issues/fixes for this. And you could open a case with F5 Support to see if they've seen other customers reporting a similar issue.

 

 

I'd be interested in hearing what you find out on any of these fronts.

 

 

Thanks,

 

Aaron