4.9.3 Response message
- Organization of this subsection
(1) Cookie sent by the server to the client
- HWS creation mode
-
The cookie generated by HTTP Server is returned to the client by using the Set-Cookie header. Because multiple Set-Cookie headers can be specified in a response, the cookies generated here do not affect the other cookies. The following shows the Set-Cookie header returned by HTTP Server:
Set-Cookie: NAME=VALUE; expires=DATE; path=/; domain=DOMAIN_NAME; secure
- NAME=VALUE
-
The name specified in the QOSCookieName directive is set as NAME. The value for the request control is specified for VALUE.
- expires=DATE
-
Specifies the time when cookie becomes invalid. The value acquired from "received request time + setting value of QOSCookieExpires directive" is set with RFC 822 format.
- path=/
-
A URL to which the cookie is applied. In this module, settings are done so that the cookie will be valid for all the URLs in the domain for which the cookie is valid.
- domain=DOMAIN_NAME
-
Domain to which the cookie is applied. The value is specified in QOSCookieDomain directive.
- secure
-
Specify whether to send cookie from the client to the server when using only SSL. The value is specified in QOSCookieSecure directive.
- User creation mode
-
HTTP Server does not generate cookies. Cookies generated by programs other than HTTP Server are returned to the client by using the Set-Cookie header.
(2) Headers when access is denied by the flow-restricting functionality
When access is denied by the flow-restricting functionality, the Expires header, which stops the response message from being cached, is added to the response header. This is because if the response is cached, the cached message is displayed, and requests might not be sent to the server, even if the server can accept request processing. The server disconnects after sending the denial message.
The other response headers are set as shown below. The character set specified in the AddDefaultCharset directive is added to the Content-Type header.
- (i) Standard message for the status code 503
-
Content-Type: text/html
- (ii) A customized message from QOSResponse
-
Content-Type: The QOSResponse directive specification value
- (iii) A Message for the status code 302 from QOSRedirect
-
Content-Type: text/html
Location: The QOSResponse directive specification value