Java Mailing List Archive

http://www.apache-httpd.com/

Home » users.httpd »

[users@httpd] Setting cookies from proxied backend

jamanbo jamanbo

2008-07-17

Replies: Find Java Web Hosting

Author LoginPost Reply
I've been asking about this for a couple of days now on #apache so
apologies if you're tired of it before even reading any further.

My question is Is it possible to set up an Apache proxy of another
server in such a way that the proxy is invisible, in terms of cookies
at least? I.e. when I visit my proxy I want cookies from the backend
to get set exactly as if I had visited the backend directly
(by-passing the proxy).

I've been using a test configuration which I will show below. I picked
two big sites to test on. They appear to have been lucky choices as
they seem to exhibit different behaviour.

In the first case, I proxy www.espn.go.com and it appears that (some)
cookies from that site get set when I visit my proxy.

However in the second case, when I proxy www.amazon.com and visit my
proxy, I don't see any cookies (although the headers do contain
Set-Cookies).

Can somebody tell me if I am trying to do something impossible. Will
browser security features prevent cookies for www.espn.go.com being
set when I visit localhost:3333/espn? Or is my set up just wrong?

This is the test config if you want to try it:

Listen 3333
<VirtualHost *:3333>
ServerName localhost
DocumentRoot /var/www/revoxy

ProxyPreserveHost On
<proxy>
  Order deny,allow
  Allow from all
</proxy>

# Cookies from espn get set
<LocationMatch /espn/>
  ProxyPass http://www.espn.go.com/
  ProxyPassReverse /
  # ProxyPassReverseCookieDomain espn.go.com localhost
</LocationMatch>

# Cookies from amazon don't get set
<LocationMatch /amazon/>
  ProxyPass http://www.amazon.com/
  ProxyPassReverse /
  # ProxyPassReverseCookieDomain amazon.com localhost
</LocationMatch>
</VirtualHost>

Desperatley awaiting your advice,
JMBO!

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@(protected)
 "  from the digest: users-digest-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)

©2008 apache-httpd.com - Jax Systems, LLC, U.S.A.