I have to remove a cookie in the HTTP request that reaches the server. Doing the work around the client (that creates this cookie) or around the server (that reads it) isn't a choice. I've Apache 2. that proxies demands between client and also the server, and so i was wishing to get rid of the cookie immediately in Apache using mod_rewrite.
My real question is, it is possible to method to remove a particular cookie in the HTTP request using mod_rewrite?
Otherwise easy to remove just one cookie then like a last measure to get rid of all snacks in the request?
I'm available to other suggestions of methods to do this if mod_rewrite isn't the right tool with this task.
mod_rewrite enables manipulation of Web addresses although not of HTTP headers, however 'mod_headers' enables you to do this.
So, you could utilize:
RequestHeader unset Cookie
This can strip all snacks in the request. I am unsure if it is easy to remove only a particular cookie by using this technique.
Alternatively, an stop snacks being passed to the customer using:
Header unset Set-Cookie
if that is appropriate.
You can handle specific snacks using following claims in apache reverse proxy designs:
To get rid of any sort of cookie you should use:
'Header add Set-Cookie "ANY_COOKIE=''expires='SOME_DATE_IN_PAST' Max-Age= Path=COOKIE_PATH"'
By indicating past date, you know the browser the cookie has expired and browser will discard the cookie.
To include any cookie you should use:
'Header add Set-Cookie "ANY_COOKIE='ANY_VALUE'expires='SOME_FUTURE_DATE' Path=COOKIE_PATH"'
Ensure that you specify the some future date. If you don't specify any date, the cookie is going to be treated as session cookie.
Use the next to get rid of specific cookie from request:
'RequestHeader add Cookie "ANY_COOKIE=''expires='SOME_PAST_DATE' Path=COOKIE_PATH"'