On 21.12.2021 at 20:09, Ayesh Karunaratne wrote: >> a while ago it has been reported[1] that our header() function actually >> allows arbitrary status codes, which may even overflow. Of course, that >> makes no sense, since the status code is supposed to be a three digit >> code. So this ticket has been followed up by a pull request[2], and >> Jakub suggested to further restrict the status code to be in range 100 - >> 599. >> >> Since this could break some pathological cases, I wanted to ask whether >> anybody objects to this change for the master branch (i.e. PHP 8.2). >> >> [1] <https://bugs.php.net/bug.php?id=81645> >> [2] <https://github.com/php/php-src/pull/7676> > > I think it is a useful improvement. Should we adjust to > http_response_code to match this behavior?
Oh, good catch! I think we should. Christoph -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: https://www.php.net/unsub.php
