From 355b1a4209ca97521680ca0b080ace468330fc44 Mon Sep 17 00:00:00 2001
From: Paul Wise <pabs@debian.org>
Date: Sun, 11 Aug 2019 12:18:21 +0800
Subject: [PATCH] Set the cookie domain based on the HTTP domain.

Avoids issues with setting cookies on www-staging.d.o or other mirrors.

Fixes: commit eef0d1229a8d2627ffc8663eda9bd2d68a0ef09c
---
 modules/roles/templates/apache-www.debian.org.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/roles/templates/apache-www.debian.org.erb b/modules/roles/templates/apache-www.debian.org.erb
index e673afdea..45eab881b 100644
--- a/modules/roles/templates/apache-www.debian.org.erb
+++ b/modules/roles/templates/apache-www.debian.org.erb
@@ -140,9 +140,9 @@
    # Since Apache mod_rewrite cannot inspect POST data, we use URLs instead.
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^POST$
-   RewriteRule /intro/cn/setlang/([a-z]{2}(?:-[a-z]{2})?)/(.*) /$2 [last,redirect,cookie=lang:$1:www.debian.org:40320:/:secure:]
+   RewriteRule /intro/cn/setlang/([a-z]{2}(?:-[a-z]{2})?)/(.*) /$2 [last,redirect,cookie=lang:$1:%{HTTP_HOST}:40320:/:secure:]
    RewriteCond %{REQUEST_METHOD} ^POST$
-   RewriteRule /intro/cn/unsetlang/(.*) /$2 [last,redirect,cookie=lang:invalid:www.debian.org:-1:/:secure:]
+   RewriteRule /intro/cn/unsetlang/(.*) /$2 [last,redirect,cookie=lang:invalid:%{HTTP_HOST}:-1:/:secure:]
    SetEnvIf Cookie "lang=(.+)" prefer-language=$1
    Header append Vary cookie
 
-- 
2.20.1