Set-Cookie is missing via proxy

Maxim Dounin mdounin at mdounin.ru
Wed Dec 5 12:23:10 UTC 2012


Hello!

On Wed, Dec 05, 2012 at 12:00:51PM +0100, Isaac Hailperin wrote:

> I am using nginx as a reverse proxy for apache.
> I have the following symptom: Sessions of users get mixed up.
> The original html from the apache looks like this via curl:
> 
> [...]
> <a href="/ueber-uns/?acmeID=e58927c4c728307aa0596f23a87c8136" class="to_page
> right_btn"><img src="/layout/cyt/img/blind.gif" alt="" /></a></div>
> <div class="teaser teaser4a">
> [...]
> 
> If I get this page through nginx, it looks like this:
> [...]
> <a href="/ueber-uns/" class="to_page right_btn"><img
> src="/layout/cyt/img/blind.gif" alt="" /></a></div>
> [...]
> 
> So obviously the query string containing the identifing ID is
> missing. I guess
> this is where sessions get mixed up. Now I had
> a look a the headers, and there I got via apache:
> curl --head http://www.foobar-shop.de/
> HTTP/1.1 200 OK
> Date: Wed, 05 Dec 2012 10:19:48 GMT
> Server: Apache
> X-Powered-By: PHP/5.2.17-0.dotdeb.0
> Set-Cookie: acmeID=48dceed9217eea2b691f75e26276bdb8; expires=Fri,
> 15-Mar-2013
> 10:19:48 GMT; path=/; domain=.foobar-shop.de
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
> pre-check=0
> Pragma: no-cache
> Content-Type: text/html;charset=UTF-8
> 
> and via nginx:
> HTTP/1.1 200 OK
> Server: nginx/1.2.5
> Date: Wed, 05 Dec 2012 10:45:54 GMT
> Content-Type: text/html; charset=iso-8859-1
> Content-Length: 945
> Connection: keep-alive
> Last-Modified: Fri, 13 Apr 2012 02:58:01 GMT
> ETag: "132b39c-3b1-4bd86a3f74040"
> Accept-Ranges: bytes
> Vary: Accept-Encoding
> 
> So the "Set-Cookie" header is missing via nginx. I guess this is the
> reason why the query
> string is also missing in the html. ( Odly though, if I browse the site with
> firefox, I still get the cookie ...? )

I would suggest it's backend code/configs which needs 
investigation.  It looks like the backend returns static file 
(note Content-Length, ETag and no X-Powered-By) to nginx for some 
reason.

[...]

-- 
Maxim Dounin
http://nginx.com/support.html



More information about the nginx mailing list