On Mon, Sep 8, 2014 at 9:15 AM, Sherif Ramadan <theanomaly...@gmail.com> wrote:
> Actually, we shouldn't be doing that all. We should simply just overwrite > the header. It wouldn't make much sense to set two headers with the same > cookie name when we can just overwrite it. > > > that would be a bigger BC break, and without a warning, those people affected by the change will have a harder time figuring out what went wrong. and as was discussed both in the PR and the bugreport the rfc discourages but doesn't prohibit this behavior, so making it impossible for the userland to do it would be a bit of an arbitrary restriction. maybe we could do something like introducing a new $overwrite = true option to the function signature, but setcookie already has 7 arguments, so probably isn't a great idea. -- Ferenc Kovács @Tyr43l - http://tyrael.hu
