I changed header parsing last night to make header name processing case insensitive.
Due to an oversight, the first cookie sent was being dropped. As long as your session cookie wasn't first in the cookie header, everything worked fine, which is why I didn't notice (despite testing in Safari, FF, and Chrome). This is also why clearing cookies sometimes worked - it shuffled the order in some browsers.
No problem, thanks for posting the details instead of just "try it now." It's just a matter of time before I would have done something similar. I appreciate the opportunity to learn from someone ELSE's mistakes for a change---one of the benefits of HN.
I wrote an HTTP proxy server. Every site on the internet I ever tried worked through it except HN, which went into a redirect loop. I investigated (insofar as HN's hair-trigger banning allows such things) and think this was due to the fact that the proxy was normalising header case. If this is fixed, I'll be very happy.
Due to an oversight, the first cookie sent was being dropped. As long as your session cookie wasn't first in the cookie header, everything worked fine, which is why I didn't notice (despite testing in Safari, FF, and Chrome). This is also why clearing cookies sometimes worked - it shuffled the order in some browsers.
Sorry everyone.