Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2012-01-19 Thread Stas Malyshev
Hi! Even if this bug is marked as bogus in bug DB, I think this bug needed to be fixed for 5.4. https://bugs.php.net/bug.php?id=38104 It seems this bug causes problem with IE that not keeping session correctly. It looks like pretty rare scenario and doesn't seem to require any core changes

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2012-01-19 Thread Yasuo Ohgaki
Hi Stats, Even if this bug is marked as bogus in bug DB, I think this bug needed to be fixed for 5.4. https://bugs.php.net/bug.php?id=38104 It seems this bug causes problem with IE that not keeping session correctly. >From RFC 6250 - Servers SHOULD NOT include more than one Set-Cook

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2012-01-09 Thread Ferenc Kovacs
On Wed, Nov 16, 2011 at 12:30 PM, Ferenc Kovacs wrote: > > > On Wed, Nov 16, 2011 at 12:12 PM, Michael Wallner wrote: > >> On Tue, 15 Nov 2011 23:51:25 +0100, Patrick ALLAERT wrote: >> >> >>> As per rfc6265, it seems incorrect: >> >>> "Servers SHOULD NOT include more than one Set-Cookie header f

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2011-11-16 Thread Ferenc Kovacs
On Wed, Nov 16, 2011 at 12:12 PM, Michael Wallner wrote: > On Tue, 15 Nov 2011 23:51:25 +0100, Patrick ALLAERT wrote: > > >>> As per rfc6265, it seems incorrect: > >>> "Servers SHOULD NOT include more than one Set-Cookie header field in > >>> the same response with the same cookie-name." > >>> >

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2011-11-16 Thread Michael Wallner
On Tue, 15 Nov 2011 23:51:25 +0100, Patrick ALLAERT wrote: >>> As per rfc6265, it seems incorrect: >>> "Servers SHOULD NOT include more than one Set-Cookie header field in >>> the same response with the same cookie-name." >>> > > @mike > > Since you are the one who introduced the comment, you mi

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2011-11-15 Thread Patrick ALLAERT
2011/11/15 Paul Dragoonis : > On Tue, Nov 15, 2011 at 10:09 PM, Patrick ALLAERT > wrote: >> Hello, >> >> Calling session_regenerate_id() inside a same request will generate >> multiple Set-Cookie headers >> >> example code: >> > session_start(); >> session_regenerate_id(); >> session_regenerate_id

Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2011-11-15 Thread Paul Dragoonis
On Tue, Nov 15, 2011 at 10:09 PM, Patrick ALLAERT wrote: > Hello, > > Calling session_regenerate_id() inside a same request will generate > multiple Set-Cookie headers > > example code: > session_start(); > session_regenerate_id(); > session_regenerate_id(); > ?> > > will result in, e.g.: > Set-C

[PHP-DEV] session_regenerate_id() not replacing Set-Cookie header

2011-11-15 Thread Patrick ALLAERT
Hello, Calling session_regenerate_id() inside a same request will generate multiple Set-Cookie headers example code: will result in, e.g.: Set-Cookie: PHPSESSID=d8afvidkqp9jd4kns8ij976o72; path=/ Set-Cookie: PHPSESSID=lkjla7kvotnfhutb43llcirj61; path=/ As per rfc6265, it seems incorrect: "Serv