Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57447 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 45479 invoked from network); 20 Jan 2012 03:31:23 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Jan 2012 03:31:23 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.170 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.160.170 mail-gy0-f170.google.com Received: from [209.85.160.170] ([209.85.160.170:43054] helo=mail-gy0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id EB/50-42843-900E81F4 for ; Thu, 19 Jan 2012 22:31:21 -0500 Received: by ghrr13 with SMTP id r13so73881ghr.29 for ; Thu, 19 Jan 2012 19:31:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=i4vuDfnfBYMhh3BI9BUtJRvJ/yp71wusezZDBLHepWs=; b=kx7rykNN3zKJba1x/k4tAU3YR8y1S4dfVS1UonY0/jvJAt0sqUIVJy1P++6UfzFOEn VWEwexAuZTYbVnB+VBcvX6OUMg8f7uAGkgpGDUC9exh4aE9Ph8TjAkqmMAzNemg4zW0z rmr4yjJENcDKXnjFV4zZ8MpiBwZMwp44AOULw= Received: by 10.236.155.226 with SMTP id j62mr42194861yhk.49.1327030277175; Thu, 19 Jan 2012 19:31:17 -0800 (PST) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.100.43.13 with HTTP; Thu, 19 Jan 2012 19:30:36 -0800 (PST) In-Reply-To: References: Date: Fri, 20 Jan 2012 12:30:36 +0900 X-Google-Sender-Auth: 3WEJkEYMLPF7RS4n45jU2xVR4kk Message-ID: To: Ferenc Kovacs , Stas Malyshev Cc: Michael Wallner , internals@lists.php.net Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] session_regenerate_id() not replacing Set-Cookie header From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi Stats, Even if this bug is marked as bogus in bug DB, I think this bug needed to be fixed for 5.4. https://bugs.php.net/bug.php?id=3D38104 It seems this bug causes problem with IE that not keeping session correctly= . From RFC 6250 ------------- Servers SHOULD NOT include more than one Set-Cookie header field in the same response with the same cookie-name. (See Section 5.2 for how user agents handle this case.) ------------- http://datatracker.ietf.org/doc/rfc6265/?include_text=3D1 It seems IE conform this standard. According to svn log, it seems it was not fixed. Anyone working with this issue? or already fixed? I'm just curious. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net 2012/1/9 Ferenc Kovacs : > On Wed, Nov 16, 2011 at 12:30 PM, Ferenc Kovacs wrote: > >> >> >> On Wed, Nov 16, 2011 at 12:12 PM, Michael Wallner wrote: >> >>> On Tue, 15 Nov 2011 23:51:25 +0100, Patrick ALLAERT wrote: >>> >>> >>> As per rfc6265, it seems incorrect: >>> >>> "Servers SHOULD NOT include more than one Set-Cookie header field i= n >>> >>> the same response with the same cookie-name." >>> >>> >>> > >>> > @mike >>> > >>> > Since you are the one who introduced the comment, you might be the be= st >>> > person to comment on this. >>> > >>> >>> If you set replace to 1 it would replace any Set-Cookie header, not >>> necessarily the session cookie header. >>> >>> Mike >>> >>> >>> >> if we fix that, I would like to see https://bugs.php.net/bug.php?id=3D38= 104(previously reported as >> https://bugs.php.net/bug.php?id=3D31455) fixed also. >> >> -- >> Ferenc Kov=E1cs >> @Tyr43l - http://tyrael.hu >> > > bump. > > -- > Ferenc Kov=E1cs > @Tyr43l - http://tyrael.hu