How do you conditionally change a Set-Cookie header?

Question

The server behind my proxy sends back a Set-Cookie (response) header, which I want to change. I want to add path=/ to this:

Set-Cookie: DMZSID=none; HttpOnly; Expires=Thu, 01 Jan 1970 00:00:00 GMT

So:

Set-Cookie: DMZSID=none; HttpOnly; path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT

On occasion, this header also comes through the proxy:

Set-Cookie: DMZSID=somethingImportant; HttpOnly; path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT

So in my inexperienced eye, there are two options:

Always set path=/ when the cookie is called DMZSID

This seems to be the simplest option. I would probably try using Header merge Set-Cookie path=/ env=someVariable for it, but I don't know how to set up the SetEnvIf to trigger on the correct cookie name.

Check if DMZSID=none and add path=/

I'd probably again use merge to add the path=/ bit, but again, I don't know how to setup the SetEnvIf condition to trigger.

So how do I change this response header to always contain path=/ when it contains DMZSID?

Answer 1

Well, I just found an easier way, after I found out you can use PCRE in Header edit in Apache. Simply put, this is it:

Header edit Set-Cookie "(^DMZSID=none;\s?HttpOnly;\s?)(.*)" "$1path=/; $2"

This edits the Set-Cookie header. First, it captures "DMZSID=none; HttpOnly; " exactly, with either 0 or 1 whitespaces between the attributes. After that, it captures the rest. Then simply replace by contents of group 1 + path=/; + contents of group 2, and you get:

Set-Cookie: DMZSID=none; HttpOnly; path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT

This could probably be done easier, by adding path=/ to the very end, but I prefer to do it this way.