[PHP-DEV] Bug #10519: $HTTP_COOKIE_VARS spoofing

stuff Thu, 26 Apr 2001 18:16:14 -0700

From:             [EMAIL PROTECTED]
Operating system: Win98
PHP version:      4.0.4pl1
PHP Bug Type:     Variables related
Bug description:  $HTTP_COOKIE_VARS spoofing

<?
   setCookie('cookie[one]','one');
   setCookie('cookie[two]','two');

   print_r($HTTP_COOKIE_VARS);
?>

If you access this page with the command line arguement 

?cookie[three]=three 

print_r will show cookie[three] in $HTTP_COOKIE_VARS.

Just a bit of incongrous material, but for some sites could cause problems if cookies 
are spoofed thusly.

Regards


-- 
Edit Bug report at: http://bugs.php.net/?id=10519&edit=1



-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] Bug #10519: $HTTP_COOKIE_VARS spoofing

Reply via email to