What is happening is that only cookie is actually sent to the browser, and I'd bet it's either the last or first one depending on how header_props is implemented. The solution is header_add() - you might have to upgrade your CGI::Application installation since it's a recent addition.
header_add()
# add or replace the 'type' header
$webapp->header_add( -type => 'image/png' );
- or -
# add an additional cookie
$webapp->header_add(-cookie=>[$extra_cookie]);
The header_add() method is used to add one or more headers to the
+outgoing response headers. The parameters will eventuallly be passed
+on to the CGI.pm header() method, so refer to the CGI docs for exact
+usage details.
Unlike calling header_props(), header_add() will preserve any exis
+ting headers. If a scalar value is passed to header_add() it will rep
+lace the existing value for that key.
If an array reference is passed as a value to header_add(), values
+ in that array ref will be appended to any existing values values for
+ that key. This is primarily useful for setting an additional cookie
+after one has already been set.