php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #22111 URL rewriter and Javascript
Submitted: 2003-02-07 13:00 UTC Modified: 2003-02-10 07:10 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: xanthor at xanthor dot tk Assigned:
Status: Wont fix Package: Session related
PHP Version: 4.3.0 OS: All
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: xanthor at xanthor dot tk
New email:
PHP Version: OS:

 

 [2003-02-07 13:00 UTC] xanthor at xanthor dot tk 
The URL rewriter for transparent session ID propagation read also the javascripts and add PHPSESSID, sometimes with errors

For exemple :
If I write :

<script type="text/javascript">
<!--
pipo = '<a href=\"bla\">plop</a>';
-->
</script>

I obtain : 
<script type="text/javascript">
<!--
pipo = '<a href=\"bla\"?PHPSESSID=******>plop</a>';
-->
</script>

(Tested on servers with PHP4.3, runing with Apache 1.3.27 and Linux...)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-02-07 23:13 UTC] sniper@php.net 
There's no need to quote "'s in your example.
Not bug.
 [2003-02-08 12:00 UTC] xanthor at xanthor dot tk 
The question is not about javascript but about PHP.
PHP shouldn't add PHPSESSID anywhere in javascript, especially if the script is writen between comment caracteres.

So yes, it is a bug.
 [2003-02-10 06:38 UTC] xanthor at xanthor dot tk 
So I reopen it...
 [2003-02-10 07:10 UTC] sniper@php.net 
In my opinion, there's no bug in this. In any case,
it will not be fixed..
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Apr 24 12:01:29 2024 UTC