Having multiple Set-Cookie



My origin is sending a response like:

Set-Cookie: cookie1=500; Domain=.mydomain.com; Max-Age=31536000; Path=/
Set-Cookie: cookie2=500; Domain=.mydomain.com; Max-Age=31536000; Path=/

When I apply a header rule (I know it is useless) such as:

Name: test
Type: response
Action: set
Destination: http.Set-Cookie
Source: regsuball(resp.http.Set-Cookie,"mydomain","foo")

I then get a response such as:

Set-Cookie: cookie2=500; Domain=.foo.com; Max-Age=31536000; Path=/

It seems my rule is removing one of the two cookies.

Am I doing something wrong?

Thanks in advance.

Multiple Set-Cookie Headers: same-name headers

Hi @alex – At the moment, we only support Varnish/CDN manipulation of the first same-name header that we receive from your backend. We’ll serve all of the headers you set us from your backend, but we only process the first one we receive with a given name.

That said, our core Varnish team is working on a correction for this. We don’t have a firm timeline for when this would be deployed, though. Sorry about that!


However, as a workaround, you can use custom VCL. See the following links on how to get access to VCL and how to use it:


And then you can use add instead of set, as is shown in some of the examples on https://docs.fastly.com/guides/vcl-extensions/randomnessrelated-vcl-features

I hope that helps.




Glad you guys are already working on it, @aspires!

@drwilco, the workaround you point seems a possible solution. Will try to follow that path.
Thanks for this suggestion!