At 19:00 27-08-01, Thies C. Arntzen wrote:
> > You lost your caps too? :)
>
>some time ago already;-) didn't you notice?
No, I hadn't noticed. I'll help you look for them in November :)
>if you are on a site that uses trans-sid for sessions the HTTP_REFERER
>on the next visited site will contain your session-id.
Ah, makes sense. That's indeed not a very cool thing.
> > trans_sid, by using the existing php.ini setting.
>
>makes sense - i just don't want a new & changed default behaviour of
>PHP. if i run a cookie based session and for some weird reason i have a
>stray character in one of my pages i do not want PHP to switch to
>trans-sid - i want to get notified ("Headers already sent") and fix my
>bug.
Well, you kind of convinced me that it's not a very good idea. The danger,
combined with the fact that people won't expect this to happen, combined
with the fact it's not a very 'clean' thing anyway, combined with the fact
that trans_sid itself is on by default (it no longer requires
--enable-trans-sid), this whole mess together sums up to 'not a very good
idea'.
Thanks for the info :)
Zeev
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
