Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96425
Return-Path: <php-lists@koalephant.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 8884 invoked from network); 18 Oct 2016 11:32:24 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 18 Oct 2016 11:32:24 -0000
Authentication-Results: pb1.pair.com header.from=php-lists@koalephant.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=php-lists@koalephant.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain koalephant.com designates 206.123.115.54 as permitted sender)
X-PHP-List-Original-Sender: php-lists@koalephant.com
X-Host-Fingerprint: 206.123.115.54 mail1.25mail.st  
Received: from [206.123.115.54] ([206.123.115.54:35055] helo=mail1.25mail.st)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 42/1B-40890-74806085 for <internals@lists.php.net>; Tue, 18 Oct 2016 07:32:24 -0400
Received: from [10.0.1.23] (unknown [183.89.46.225])
	by mail1.25mail.st (Postfix) with ESMTPSA id B6E8360458;
	Tue, 18 Oct 2016 11:32:06 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
In-Reply-To: <CAGa2bXai-Suh-9zvUXRdnmVr+Kmk_2n3PYa0D+9Psj5wO7B14g@mail.gmail.com>
Date: Tue, 18 Oct 2016 18:32:00 +0700
Cc: "internals@lists.php.net" <internals@lists.php.net>,
 Davey Shafik <davey@php.net>,
 Xinchen Hui <laruence@php.net>
Content-Transfer-Encoding: quoted-printable
Message-ID: <1FCBD231-FC95-4C9B-AE75-5A3D44FBC4B2@koalephant.com>
References: <CAGa2bXb0CKP6=eZZk2atR5XGtR8JmQ3FG756wn0J7kkPGYFyZg@mail.gmail.com> <1D4E0886-5DE1-403F-98C5-8C4B8CC5E8EF@bobs-bits.com> <CAGa2bXai-Suh-9zvUXRdnmVr+Kmk_2n3PYa0D+9Psj5wO7B14g@mail.gmail.com>
To: Yasuo Ohgaki <yohgaki@ohgaki.net>
X-Mailer: Apple Mail (2.3124)
Subject: Re: [PHP-DEV] header() removes all header of the same name.
From: php-lists@koalephant.com (Stephen Reay)

Hi Yasuo,

I agree there are probably a lot using the default, but I think it=E2=80=99=
s reasonable to expect anyone using a header(=E2=80=98Set-Cookie:..=E2=80=99=
); call rather than setcookie() to be aware of the 2nd argument for =
header(), so this solution sounds good to me.

Cheers

Stephen=20

> On 18 Oct 2016, at 18:08, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
>=20
> Hi Stephen,
>=20
> On Tue, Oct 18, 2016 at 5:54 PM, Stephen Reay <stephen@bobs-bits.com> =
wrote:
>> If the replace flag was fixed, isn=E2=80=99t this then just a case of =
making sure userland sets replace to false if they want existing =
set-cookie headers retained?
>=20
> Yes and no.
>=20
> If users use the replace flag correctly, then it will work. However, I
> don't expect users set replace flag correctly. If replace flag's
> default was opposite, it would work better.
>=20
>> Removing the ability to write a custom Set-Cookie header introduces a =
bigger problem than the current one, IMO.
>=20
> OK. Let's just fix the replace flag and document removing 'Set-Cookie'
> header by header() may result in unwanted results.
>=20
> Everyone is ok with this?
>=20
> Regards,
>=20
> --
> Yasuo Ohgaki
> yohgaki@ohgaki.net
>=20