Am 18.07.2017 um 16:00 schrieb Marco Pivetta:
On Tue, Jul 18, 2017 at 3:50 PM, li...@rhsoft.net
<mailto:li...@rhsoft.net> <li...@rhsoft.net <mailto:li...@rhsoft.net>>
wrote:
i don't share your optinion, especially talking about 'should be
deprecated' where i get the feeling some peoples hobby is deprecate
working things
comparing cookie params with encryption is hopefully just kidding
It could be a "hello world" function - same stuff.
Also, yes, cookies are as security-sensitive stuff as crypto, if not
often more (since crypto is usually handled at webserver level, and
direct usage of openssl is more "rare")
how can they than be more security-sensitive within the encryption
layer.... but that's not the point: setcookie() even with all it's
params is easy and clear to use fopr anybody which has a clue what he is
doing and there is no need to deprecated it nor design a new shiny API
for it as replacement
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
