Issue status update for http://drupal.org/node/28629 Post a follow up: http://drupal.org/project/comments/add/28629 Project: Drupal Version: cvs Component: base system Category: bug reports Priority: critical Assigned to: chx Reported by: chx Updated by: chx Status: patch (code needs review) Attachment: http://drupal.org/files/issues/resp.patch (775 bytes) This is an issue with cookies: when you get multiple response headers with the same name, they are overridden. This is probably what we want for location but for set-cookie this is bad. So says RFC 2109: " Informally, the Set-Cookie response header comprises the token Set- Cookie:, followed by a comma-separated list of one or more cookies. " chx