php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50308 session id not appended properly for empty anchor tags
Submitted: 2009-11-27 01:57 UTC Modified: 2013-06-27 22:38 UTC
From: Dormilich at netscape dot net Assigned:
Status: Closed Package: Session related
PHP Version: 5.4/5.5 OS: Linux
Private report: No CVE-ID:
 [2009-11-27 01:57 UTC] Dormilich at netscape dot net

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-11-30 14:27 UTC] Dormilich at netscape dot net
this can be worked around by adding another attribute after the href attribute:
<a href="site.php?id=this" title="currently"/>
 [2010-12-01 16:29 UTC] jani@php.net
-Package: Feature/Change Request +Package: Session related
 [2013-06-27 22:38 UTC] yohgaki@php.net
-Status: Open +Status: Analyzed -Type: Feature/Change Request +Type: Bug -PHP Version: 5.2.11 +PHP Version: 5.4/5.5
 [2013-06-27 22:38 UTC] yohgaki@php.net
This is ext/standard/url_scanner_ex.re bug. This can be checked as follows

$ ./sapi/cgi/php-cgi -d session.use_trans_sid=1 -d session.use_only_cookies=0
<?php
session_start();
?>

<a href="site.php?id=this" />   
<a href="site.php?id=this"/>                         

X-Powered-By: PHP/5.4.18-dev
Set-Cookie: PHPSESSID=7ccd5541724e6c476d0742bc12884faa; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html


<a href="site.php?id=this&PHPSESSID=7ccd5541724e6c476d0742bc12884faa" />
<a href="site.php?id=this"/&PHPSESSID=7ccd5541724e6c476d0742bc12884faa>
 [2013-07-17 15:32 UTC] arpad@php.net
Automatic comment on behalf of arraypad@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e6ae977082bcff9c2ef0db4db58df2b07561c0a1
Log: Fixed bug #50308 - session id not appended properly for empty anchor tags
 [2013-07-17 15:32 UTC] arpad@php.net
-Status: Analyzed +Status: Closed
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 23:01:58 2014 UTC