httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arkadiusz Miśkiewicz <>
Subject [users@httpd] make mod_cache not cache cookies but cache contents from application side
Date Fri, 30 Oct 2009 19:57:38 GMT


Is there a way to forbid caching cookies from application level (let say php 
or mod_perl level) by mod_cache? I know method via apache config but trying 
to find one via application level. Of course I would like the rest (bodies) 
to be actually cached but not cookies itself.

mod_cache from 2.2.14 is doing crazy things like leaking user A cookie to 
the user B which for me is serious security issue.

Arkadiusz Miśkiewicz        PLD/Linux Team
arekm /  

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message