On Fri, 03 Feb 2012 12:06:26 +0100, Stefan Esser
<stefan.es...@sektioneins.de> wrote:
[snip]
Luckily it is not affecting everyone, because at least the Apache SAPI
will stop sending the header at the NUL byte, too.
However everybody running CGI/FastCGI will loose the protection with
this.
[snip]
Good point, and I humbly take the blame as I simply assumed the header was
being passed as a C string (odd that they aren't since NULL bytes are not
allowed in headers anyway but besides the point).
--
Gustavo Lopes
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
