Hi,

I've run into an issue where a cookie I'm sending back to a browser is too large (> 4kB), so it's being split into two cookies. This results in two `Set-Cookie` headers.

Unfortunately, it seems that `auth_request_set` doesn't work well with this, because you only get the first header.

Is there a way around this? I saw the var `$upstream_cookie_[name]`, which might work (though awkwardly - you'd need to set use that once for every possible header part), and the other idea I had was maybe using an `access_by_lua` script to try to fix this in some way, but I'm not sure how I'd go about that either.