Hello, On Wed, Jan 25, 2012 at 9:32 PM, Kiyoto Tamura <m...@ktamura.com> wrote: > Also, I am not sure if php_trim is what we want here. It looks like vrana's > initial proposal was to discard everything after CR-LF. This is different > from trimming CR/LF/whitespace at the end of the string. >
Ah I see didn't think enough about it, basically my point is for such a simple string op there is likely something already to do it, probably still is a function in strings to take care of it. As for the "feature" of \r\n working in user-agent init set, my main point is that is a BC break, since it is slightly advocated to use it as a hack in the docs here [1]. At the end of the day passing _any_ user input to literally any php function without sanitization can be dangerous given the right context. I think this specific one would fall under the developers hands, but hey it's just my opinion you can see what the core devs say I might be a bit off base. -Chris [1] http://php.net/wrappers.http#wrappers.http.example.custom.headers -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
