Do not send void HTTP headers
When LL::NG::Handler removes Lemonldap cookie from HTTP 'Cookie' header, it does not take care if there remains cookies. So it can send a void header to apps, like :
GET /foo/ HTTP/1.1
Host: test.example.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.9.1.16) Gecko/20121207 Iceweasel/3.5.16 (like Firefox/3.5.16)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie:
Connection: Keep-Alive
This is not severe, but not really clean.
As same, LL::NG::Handler::AuthBasic sends void HTTP 'Authorization' header to apps.