Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:122542 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by qa.php.net (Postfix) with ESMTPS id 414601ADAA5 for ; Sun, 3 Mar 2024 18:26:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1709481690; bh=Gw33ogF01NCQ1rRI+NZ0EQhlVaG6IP9N0nwBFhKr/EU=; h=Date:To:From:Cc:Subject:In-Reply-To:References:From; b=iFw2NXZ6BtQYd2Jwitz/Jz4hMg7yGyLGiRC5pJQmEww0i3XkOBs5boMV6YsPpMzaT KZVSqhMKktGBAyO6I/iWnLnxrOZ8wL32Uor305gQhFY8c5pd5ZEDySqq1R5z5kh0+o mWCHTDdD1R/E1Do9SbwR4RLMUfpUgG8Ul4EH5qfGewTiCf5QCD1SoNuij2pqkO8VSD u2P6hDRHOMv7alG6d8KSUIYym0h/F71Yz1XrOD0SkRWAC+gAjFZEZgWVAfaPGpEEX2 69UGwWGktByuVRAa9wC5w8ug8PJhybl9Hd5mRtZTXIkraTyVQT/Y48IHMoUixVU4QA kdUSimMUcuySA== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 605D218AA5E for ; Sun, 3 Mar 2024 16:01:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_20,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=4.0.0 X-Spam-Virus: No X-Envelope-From: Received: from mail-4323.proton.ch (mail-4323.proton.ch [185.70.43.23]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sun, 3 Mar 2024 16:01:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gpb.moe; s=protonmail; t=1709481672; x=1709740872; bh=Gw33ogF01NCQ1rRI+NZ0EQhlVaG6IP9N0nwBFhKr/EU=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=sG+8WzBUlCa76InCkX/cCO2K7o/oN6qwwuZH1aeu7pYfq2mkjhZMo73NHz9gIGoK0 AO1MD6nQTgAwymnN89vCyoDfrnla+NkrBqCRxID0rZOkw33J9Ipt9p+b/SSWAnP9GW 1pd+zzPD7d+A2lHQqWS/gfYnIbDAprjFt4bax/lBwGpyonCpRs2FPluetBxkODpyuC 1Gj+GEsVfR5WdNyXCb3DEEQ3ErxijpXVj3UtHZqTLI7p6RxHy1hIbbdKg+heqU3rHj T4w+ibO6qhdfWIocK2iLDloAsMePSxu+Koy4lthb4q2dlE1NPXvB0/J0ZkjE4NzoL/ 93uMDFchgIjxA== Date: Sun, 03 Mar 2024 16:00:42 +0000 To: Kamil Tekiela Cc: PHP internals Subject: Re: [PHP-DEV] [RFC] [Discussion] Deprecate GET/POST sessions Message-ID: In-Reply-To: References: Feedback-ID: 96993444:user:proton Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: internals@gpb.moe ("Gina P. Banyard") On Saturday, 2 March 2024 at 21:10, Kamil Tekiela wr= ote: > Hi Internals, >=20 > I would like to start a discussion on a new RFC > https://wiki.php.net/rfc/deprecate-get-post-sessions >=20 > Please let me know whether the idea is clear and the RFC is understandabl= e. >=20 > In particular, I am looking for any feedback as to why this is a bad > idea. The primary motivation behind this RFC is to reduce potential > security pitfalls. >=20 > Regards, > Kamil Tekiela I think this makes sense to me. I would possibly move the deprecation of the SID constant from the mass dep= recation RFC to this one, as I would be very odd to have this accepted but = not the latter. Best regards, Gina P. Banyard