Hi Rainer,
I tried also in this way but the "Set-Cookie" response header is
present.
I did further tests ... the response header is set also when
returning static resources, for example
Set-Cookie:
7133ee39c88e27dfb06de1e1feafdacd=64ca85231009a6bb674397ffaccb3d14;
path=/; HttpOnly; Secure; SameSite=None
can I disable Apache HTTPd cookie generation?
Thanks for your support,
Luigi.
On 2023/11/14 15:53:17 Rainer Canavan wrote:
> On Tue, Nov 14, 2023 at 3:24 PM Luigi Bellio <lu...@gmail.com> wrote:
> >
> > Hi Eric,
> >
> > thanks for your feedback ... I just tried, nothing is changed ...
> > moreover as documented the "always" directive should apply to all
> > response codes not only "on success".
>
> You're missing one important issue the documentation raises:
> https://httpd.apache.org/docs/2.4/mod/mod_headers.html#header
> "always" and "onsuccess" apply to different sets of headers, therefore it
> might help if you try duplicating your 'Header unset' line, one with
*and* one
> without "always".
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
