From 2d5fce5c5113ebc1af1c07b39f8f86e9669d723f Mon Sep 17 00:00:00 2001
From: mjansen <mjansen@databay.de>
Date: Mon, 9 Sep 2024 08:38:30 +0200
Subject: [PATCH] HTTP: Fix sending `Set-Cookie` HTTP header

See: https://mantis.ilias.de/view.php?id=41226
---
 .../Response/Sender/DefaultResponseSenderStrategy.php    | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/HTTP/Response/Sender/DefaultResponseSenderStrategy.php b/src/HTTP/Response/Sender/DefaultResponseSenderStrategy.php
index 97caebe438e7..64ea1446ebad 100644
--- a/src/HTTP/Response/Sender/DefaultResponseSenderStrategy.php
+++ b/src/HTTP/Response/Sender/DefaultResponseSenderStrategy.php
@@ -87,7 +87,14 @@ public function sendResponse(ResponseInterface $response): void
 
         //render all headers
         foreach (array_keys($response->getHeaders()) as $key) {
-            header("$key: " . $response->getHeaderLine($key));
+            // See Mantis #37385.
+            if (strtolower($key) === 'set-cookie') {
+                foreach ($response->getHeader($key) as $header) {
+                    header("$key: " . $header, false);
+                }
+            } else {
+                header("$key: " . $response->getHeaderLine($key));
+            }
         }
 
         //rewind body stream