php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #68390 setcookie to override same name cookies
Submitted: 2014-11-10 10:45 UTC Modified: 2014-11-10 10:52 UTC
From: coladict at gmail dot com Assigned:
Status: Duplicate Package: *General Issues
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2014-11-10 10:45 UTC] coladict at gmail dot com 
Description:
------------
The last Set-Cookie header, setting a cookie by the same name, always overrides the data in the browser, but multiple set-cookie headers are send for the same name. This initially caused our proxy server to reject the response, because the header size exceeded the default limit.

setcookie() should override previous calls to the same cookie name. It should also issue an E_NOTICE message when overriding a previously called cookie, for easier tracing of problems where a cookie might wrongly be overridden.


Test script:
---------------
<?php
setcookie('randomcookie','olddata');
setcookie('randomcookie','newdata');

Expected result:
----------------
In the response headers as suggested:

Set-Cookie:randomcookie=newdata

Actual result:
--------------
In the response headers as it is now:

Set-Cookie:randomcookie=olddata
Set-Cookie:randomcookie=newdata

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-11-10 10:52 UTC] aharvey@php.net
-Status: Open +Status: Duplicate
 [2014-11-10 10:52 UTC] aharvey@php.net 
Duplicate of bug #67736 (which links to https://github.com/php/php-src/pull/795, where a lively discussion is taking place on whether this should be changed or not, and if so, how).
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 25 10:01:29 2024 UTC