sniper Sat Apr 23 16:33:35 2005 EDT
Modified files: /php-src/main php_variables.c Log:
- Fixed bug #32111 (Cookies can also be separated by colon)
Could you please revert that patch, or implement the RFC correctly?
Now PHP handles cookies in a completely RFC uncovered way.
Either we have support for , ; " or only for ; but not something in between. F.e. with your patch you just fucked modsecurity again which will fail to correctly detect evil cookie variables. No matter if you configure it to use V0 or V1 of its detection.
Stefan
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
