Session-Cookie is set twice?

klixn · August 23, 2016, 11:35am

Hey guys,
I checked the HTTP headers of a website I made and got the following result:

HTTP/1.1 200 OK Date: Tue, 23 Aug 2016 11:16:01 GMT Server: Apache/2.4.10 (Debian) Set-Cookie: kirby_session=b886bmbcib83shl2a7hj2suhv7; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: kirby_session=b886bmbcib83shl2a7hj2suhv7; path=/; secure; HttpOnly Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8

Can anyone tell me why the same cookie is set twice?

Thank you in advance!

Update:
The result above was generated by cloxy. If I use webconfs, the result is as expected:
HTTP/1.1 200 OK => Date => Tue, 23 Aug 2016 11:15:17 GMT Server => Apache/2.4.10 (Debian) Set-Cookie => kirby_session=r294c38742apmsf51cvq71arf6; path=/; secure; HttpOnly Expires => Thu, 19 Nov 1981 08:52:00 GMT Cache-Control => no-store, no-cache, must-revalidate Pragma => no-cache Vary => Accept-Encoding Connection => close Content-Type => text/html; charset=UTF-8

But why are the results different?

Topic		Replies	Views
Set-Cookie twice? Questions v2	4	1671	February 6, 2025
Redundant cookie settings in HTTP headers Questions v2	10	5776	February 6, 2025
Secure Cookie / Session Tokens Questions	14	125	October 22, 2024
Session restore not always working Questions v2	13	1108	February 6, 2025
Kirby session cookie purpose Questions	4	673	October 26, 2022

Session-Cookie is set twice?

Related topics