php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #44804 setrawcookie('test', '') sets value as "deleted" instead of empty
Submitted: 2008-04-23 01:19 UTC Modified: 2008-04-28 23:30 UTC
Votes:6
Avg. Score:4.0 ± 0.8
Reproduced:6 of 6 (100.0%)
Same Version:3 (50.0%)
Same OS:3 (50.0%)
From: oliver at netconcepts dot com Assigned:
Status: Wont fix Package: HTTP related
PHP Version: 5.2CVS,5.3CVS (2008-04-24) OS: *
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2008-04-23 01:19 UTC] oliver at netconcepts dot com
Description:
------------
the setrawcookie function doesn't set an empty value but sets the value 'deleted' instead.

An empty value is perfectly fine in a cookie, there is no need to modify that value in any way.


This bug is the same for PHP 4.3.1, and it was never solved?
http://bugs.php.net/bug.php?id=33526&edit=2

Reproduce code:
---------------
setrawcookie('testcookie', '');



Expected result:
----------------
(Firefox Live HTTP Headers output)

Set-Cookie: testcookie=



Actual result:
--------------
(Firefox Live HTTP Headers output)

Set-Cookie: testcookie=deleted

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-04-28 23:19 UTC] iliaa@php.net
A fix would be a massive BC break since many applications rely on "" 
value resulting in cookie deletion.
 [2008-04-28 23:30 UTC] oliver at netconcepts dot com
setting a cookie value to 'deleted' has nothing to do with a deleted cookie. Thats just a string, not an action or whatever.

I cannot imagine any application that relies on 'deleted' cookies showing up with a value of 'deleted' instead of '' (empty string).

A fix should at least go into the next major version.

Additionally the documentation needs an update.

Thanks.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Feb 18 14:01:25 2019 UTC