Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:96526 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 77064 invoked from network); 20 Oct 2016 13:59:00 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Oct 2016 13:59:00 -0000 Authentication-Results: pb1.pair.com smtp.mail=cmbecker69@gmx.de; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=cmbecker69@gmx.de; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmx.de designates 212.227.15.15 as permitted sender) X-PHP-List-Original-Sender: cmbecker69@gmx.de X-Host-Fingerprint: 212.227.15.15 mout.gmx.net Received: from [212.227.15.15] ([212.227.15.15:65433] helo=mout.gmx.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 20/F9-24564-D9DC8085 for ; Thu, 20 Oct 2016 09:59:00 -0400 Received: from [192.168.2.103] ([79.243.119.150]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0M6RiN-1cqqaR3xKl-00yQYJ; Thu, 20 Oct 2016 15:58:49 +0200 To: Stephen Reay , Yasuo Ohgaki References: <1eab7492-596c-ffd2-81ed-0eb9256a033e@gmail.com> <0B722A15-A29F-498B-987F-F6BA5AA49EEF@bobs-bits.com> <59D6B40B-DC64-43A3-AED4-CD5C9C15B6BA@koalephant.com> <72B2986D-3C05-4929-9BDD-1A911FC9E793@koalephant.com> Cc: Niklas Keller , Stanislav Malyshev , "internals@lists.php.net" , Davey Shafik , Xinchen Hui Message-ID: <13a6a58d-1f59-282d-45c8-8e218afc9e53@gmx.de> Date: Thu, 20 Oct 2016 15:59:37 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <72B2986D-3C05-4929-9BDD-1A911FC9E793@koalephant.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Provags-ID: V03:K0:5CJrk9Kx9JeBNakieunvpNdyCHuTXLP/CBOFahtqs3DGhgjwvua MwFZj5RBFSVAyewseMP7JzJ0x1PkhvoMw6O+bA1v2Snx6e8yydLQ1PpHhDq2Zcr2E3KdaA0 jLBK31QGnmSO5nxE6nZRlibHn8o37Qx5lU0Dj/h/PipLQs1dj8tn5DN1e+0/OOWaxA8k2B7 EfTtyP4XnCeKuh+ST190w== X-UI-Out-Filterresults: notjunk:1;V01:K0:4tJyg1V2pxY=:bB5TXN5xnQuZ4T/9Z7L5pN gETpynckwi71T2idGDs3km9mQE/nbA+nrjj2bzypBbhL0P9hkYgdPXAklUPxzsXl4iC/KWlYA h1ks/O8EAqfd4gV8XJ5HxMk8fi9GyEMpKBKIrw9jRrOcvDRvIfwEh+SC2J+6rFpIT+0Dv+wjQ G+Vxqgz+we4ByjTV1thIQP8L9KYGaDFyJL/hk2QkaAf9RWsta2RBg7AVaO2OZmnSLy4kcLSdH Q+5FTIGwBHwEhaJMxyFS51npftjcSD0oSPeZxHcv9DpN0udgvKe9FDELF7GKUVntJ4gurGAWM syGpy+FPAyz4aLdWinNFSZRn+OZx6rKm8qQTo777G38qi78oXynFLo0BmgdGlvCOW/A2AqvDc trGHeDtOBwa65jMnHImvtGOZKbyFrFgPagRO95I7iire9VaoapBhA72v6P+kKUweUWlzyjhaO boaNFHPywYZDcbkibJsddvJMC66XwJNicCXt/OILA5nimMylSqVTUUZggabDjqt1YIGXCriqv /esAahMK9IP/1iz8rgM7NAiMvjnJPo7Aq9Py2Nl/YosZAggZM/AHBREvxTYl6dzUwXzWUPh+X zXYoc4z3Dxk5Lqq+FoXGuVwQ1r9E7CmBlQ1M70GzFA8AWRJHcD7SXUPCw1uRzrd69qe8UThuH BX9xdbsWRlsaPH/alnP+W9VLWsU1uPG1vaAhhDEoiwusowlHSnaeBcjf956E0vbQ0zjr9WJfo N8M2bazKi32qqGYLyJQ2Jr86TwzbeCWQ3k8iG0I5wgLSPLd/VlG6N2axcwZKUFB4spfG5QwZz sTDNp8o Subject: Re: [PHP-DEV] header() removes all header of the same name. From: cmbecker69@gmx.de ("Christoph M. Becker") On 20.10.2016 at 14:15, Stephen Reay wrote: > As with Niklas, I have no vote, so my *only* option to prevent what I consider to be a bad decision, is to post to this thread and hope that enough of those who *do* have voting rights, reject the proposal. > > I understand what you’re proposing. But honestly I don’t even agree with the premise that there is a *problem* that needs to be fixed. > > Did you know that if you manually set the Content-Length header to less than the actual body length, many browsers (Safari, Chrome, and FF definitely) will stop reading/processing the response at the length you specify? > So should we also prevent setting Content-Length via header() ? > > Honestly I don’t understand how this is still a discussion. The developer failed to set the $replace argument to false. At most I would expect this to result in a documentation note warning about the use of header(‘Set-Cookie…’). > > I appreciate you trying to make improvements, and I’d *definitely* be in favour of the function naming cleanup you mentioned earlier, but all of this “protected” headers and extra function calls, because someone forgot to type “, false” seems ridiculous to me honestly. Full ACK. -- Christoph M. Becker