php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #80209 setcookie() is not fully RFC 6265 compliant
Submitted: 2020-10-09 12:58 UTC Modified: 2020-10-09 14:34 UTC
From: jve at woodwing dot com Assigned: cmb (profile)
Status: Closed Package: HTTP related
PHP Version: 7.3.23 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jve at woodwing dot com
New email:
PHP Version: OS:

 

 [2020-10-09 12:58 UTC] jve at woodwing dot com
Description:
------------
According to the documentation the setcookie() implements RFC 6265.According to this RFC the cookie name is a 'token'. The 'token' is defined in RFC 2616. According to RFC 2616 a token is:

token          = 1*<any CHAR except CTLs or separators>
separators     = "(" | ")" | "<" | ">" | "@"
                  | "," | ";" | ":" | "\" | <">
                  | "/" | "[" | "]" | "?" | "="
                  | "{" | "}" | SP | HT 

As a consequence statements like "setcookie("cookie[three]", "cookiethree");"
are not compliant with RFC 2616.
Above statement is from the setcookie() documentation: Example #3 setcookie() and arrays

Expected result:
----------------
Easy way out would be to add a note to the documentation that the use of '[' and ']' is not compliant with RFC 6265.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-09 14:34 UTC] cmb@php.net
-Summary: setcookie() is not RFC 6265 compliant +Summary: setcookie() is not fully RFC 6265 compliant -Status: Open +Status: Verified -Assigned To: +Assigned To: cmb
 [2020-10-09 14:34 UTC] cmb@php.net
Thanks for forwading to the bug tracker. :)
 [2020-10-09 14:36 UTC] phpdocbot@php.net
Automatic comment on behalf of cmb
Revision: http://git.php.net/?p=doc/en.git;a=commit;h=83f2f6fa3af313b9d5401e7dc9be7031ca141019
Log: Fix #80209: setcookie() is not fully RFC 6265 compliant
 [2020-10-09 14:36 UTC] phpdocbot@php.net
-Status: Verified +Status: Closed
 [2020-10-10 08:20 UTC] phpdocbot@php.net
Automatic comment on behalf of mumumu
Revision: http://git.php.net/?p=doc/ja.git;a=commit;h=de18a26fd371e3a806b43996877cee18cd264b6a
Log: Remove confusing reference to PHP 5 Fix #80209: setcookie() is not fully RFC 6265 compliant
 [2020-12-30 11:58 UTC] nikic@php.net
Automatic comment on behalf of mumumu
Revision: http://git.php.net/?p=doc/ja.git;a=commit;h=f6275a4d2de695d591e277ec14afee1a5b566a8e
Log: Remove confusing reference to PHP 5 Fix #80209: setcookie() is not fully RFC 6265 compliant
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 14 16:01:26 2024 UTC