mod_session_cookie: avoid adding the Set-Cookie header

                    in both r->headers_out and r->err_headers_out
                    to avoid duplication.

In session_cookie_save it seems that ap_cookie_write is called
with r->headers_out and r->err_headers_out, ending up in the same
Set-Cookie header on both tables and eventually duplicated in the
HTTP response. I took Emmanuel's patch and trimmed out the bits
that remove the header only from r->err_headers_out (leaving it
to do the work on both tables) as attempt to change this bit of code
in the most conservative way as possible. Sending a commit for
a broader review.

PR: 60910,56098,55278



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1843244 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 2 insertions, 2 deletions

diff --git a/modules/session/mod_session_cookie.c b/modules/session/mod_session_cookie.c
index 4aa75e4835..36168b7ead 100644
--- a/modules/session/mod_session_cookie.c
+++ b/modules/session/mod_session_cookie.c
@@ -64,7 +64,7 @@ static apr_status_t session_cookie_save(request_rec * r, session_rec * z)
     if (conf->name_set) {
         if (z->encoded && z->encoded[0]) {
             ap_cookie_write(r, conf->name, z->encoded, conf->name_attrs,
-                            z->maxage, r->headers_out, r->err_headers_out,
+                            z->maxage, r->err_headers_out,
                             NULL);
         }
         else {
@@ -77,7 +77,7 @@ static apr_status_t session_cookie_save(request_rec * r, session_rec * z)
     if (conf->name2_set) {
         if (z->encoded && z->encoded[0]) {
             ap_cookie_write2(r, conf->name2, z->encoded, conf->name2_attrs,
-                             z->maxage, r->headers_out, r->err_headers_out,
+                             z->maxage, r->err_headers_out,
                              NULL);
         }
         else {