Thanks for elaborating on the "BC break" (I googled it to no avail). I guess such a change (discarding everything after CR-LF) would break the code using BC breaks.
Either way, at least I am fully aware of how ini_set behaves ;) On Jan 25, 2012, at 9:25 PM, Chris Stockton wrote: > Hello, > > On Wed, Jan 25, 2012 at 9:32 PM, Kiyoto Tamura <m...@ktamura.com> wrote: >> Also, I am not sure if php_trim is what we want here. It looks like vrana's >> initial proposal was to discard everything after CR-LF. This is different >> from trimming CR/LF/whitespace at the end of the string. >> > > Ah I see didn't think enough about it, basically my point is for such > a simple string op there is likely something already to do it, > probably still is a function in strings to take care of it. > > As for the "feature" of \r\n working in user-agent init set, my main > point is that is a BC break, since it is slightly advocated to use it > as a hack in the docs here [1]. At the end of the day passing _any_ > user input to literally any php function without sanitization can be > dangerous given the right context. I think this specific one would > fall under the developers hands, but hey it's just my opinion you can > see what the core devs say I might be a bit off base. > > -Chris > > [1] http://php.net/wrappers.http#wrappers.http.example.custom.headers -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
