How is zend_strtolower() magic?
I checked the RFC and we don't even need to convert it to lowercase.
RDC 2109: 4.1 Syntax: General: "Attributes (names) (attr) are case-insensitive".
BTW: The comment was wrong about Max-Age: -1 to delete a cookie, the RFC says you have to use Max-Age: 0 for that and no negative values are allowed.
So I guess we just have to copy the following section to the docs:
Comment=comment
Optional. Because cookies can contain private information about a user, the Cookie attribute allows an origin server to document its intended use of a cookie. The user can inspect the information to decide whether to initiate or continue a session with this cookie.
Domain=domain
Optional. The Domain attribute specifies the domain for which the cookie is valid. An explicitly specified domain must always start with a dot.
Max-Age=delta-seconds
Optional. The Max-Age attribute defines the lifetime of the cookie, in seconds. The delta-seconds value is a decimal non- negative integer. After delta-seconds seconds elapse, the client should discard the cookie. A value of zero means the cookie should be discarded immediately.
Path=path
Optional. The Path attribute specifies the subset of URLs to which this cookie applies.
Secure
Optional. The Secure attribute (with no value) directs the user agent to use only (unspecified) secure means to contact the origin server whenever it sends back this cookie.
The user agent (possibly under the user's control) may determine what level of security it considers appropriate for "secure" cookies. The Secure attribute should be considered security advice from the server to the user agent, indicating that it is in the session's interest to protect the cookie contents.
Version=version
Required. The Version attribute, a decimal integer, identifies to which version of the state management specification the cookie conforms. For this specification, Version=1 applies.
- Chris
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
