we're experiencing truncation of cookie values.
is there a hard-coded limit in php?
there's nothing in the docs. i didn't find any bugs at bugs.php.net
about this.
thanks,
dietrich
fyi:
- i'm using php 4.3.7 on iis/winxp
- the cookies are from Netegrity's Siteminder, a single-sign-on app
just tested same scenario using php 4.3.2, and the value was not
truncated. so i've either got a configuration issue of some kind, or
it's a bug introduced since 4.3.2.
repro code:
if(!isset($_COOKIE['SMSESSION']))
{
$setcookie = 1;
setcookie('SMSESSION',"8/1d6WFvsI02Rw+e/KaP/UbwhaskmyUK14vz26b6K++AHGFK/LPidQ5sCsEPFu1AAOrCRWOycy4fhxlY9Ah30/f0zIj0IJIcnvBltkbeOnUnMZKC+AWoLImVJ+QnY6ypwMLQ86ib9z7m7gGta38Z+5ZiWrDPf2Q6lKyLrnk5eWWio7MlAZLz02b1q5hGdJFWMOychRTDDqyY4wNMhs9H4RtspYVrVIV/Du3KOk0REuAuhc9OWTyf1RcUvt6SP/90P/Q1//d48RWyFIJpoSKi2/W0dv+25Q4WcyHUPOID1YZD/NeatftivKIYzvoYLUi+p2YhaC4eX9nkhA+CHsUImm1nYLvIv4OFo19/c8ESpB8VMYo/mhZig/89NeNvJmflFNIrT7Grx33B1osa83qezigrELlYvbmfm3UueVjFQHGM9o6tPWxH+lPJnTdcPaJNLRbX5Tc8cvPi107E2ulE8/PYvm82ez+/gdql3nh37Gtz4H5ah4Iz/pWRHcUQFrzzAQGdapMNetzi/XDxrrx5hVAprU3ZPeYbtrVK8lP+IhDFz09fTlcQm124GHdJLpqasGokN4WIBGAG4dyJINSgfNlgmKyfrVMCX/jcIefPFMUqBGtLGZGqyVmMwmIXqJUdbLsNzvQDeJV/sex/X0hW/FdvleycC+DGn/kAH4TuHI5nRCePP0JzSpv9Xfe5iGRorHIRaPFKyjZxHxwXRMpAbAma/EOG2lcF0sYL8jh4mEf0Mf54zcFKPA/HzvSfkLw9D/oQ6e3Z9jZbBMTKmpKwRGVEeZovzlP71OqlDpnkX2J1bQkJbVa4BJVCkOVwfI8Vikf0TKLmDM25Q8pX8fYiapAC9SJ6KTEoI1tP2JYk5bOLafjPT1OjkEsgCYHDt642Ow9qhhkRwtMxw+cyXRIqYxOYNsSUCl8lhDq1KoaxeriURi2DXA0sS2VMuBGXpTNnyimJM
l+uq7/6tRV1V4nkXm9dES1VQ8YdgwdOAyuiI");
}
echo "setcookie: $setcookie<br>";
echo var_dump($_COOKIE);
i'll file a bug on this if i don't hear otherwise from this list.
thanks,
dietrich
Dietrich Ayala wrote:
we're experiencing truncation of cookie values.
is there a hard-coded limit in php?
there's nothing in the docs. i didn't find any bugs at bugs.php.net
about this.thanks,
dietrich
No limit on PHP's end. Probably happening in the browser. Check what is
going over the wire.
-Rasmus
we're experiencing truncation of cookie values.
is there a hard-coded limit in php?
there's nothing in the docs. i didn't find any bugs at bugs.php.net
about this.thanks,
dietrich
Ran it through proxytrace (trace below). The browser sends full cookie
value, but the last 82 bytes are truncated from the value in $_COOKIE.
Note in my follow-up email: the problem does not occur in 4.3.2, yet is
reproducable in 4.3.7.
HTTP Request:
GET http://localhost/tests/cookie_%20bug.exp HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7)
Gecko/20040707 Firefox/0.9.2
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,/;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie:
SMSESSION=8%2F1d6WFvsI02Rw%2Be%2FKaP%2FUbwhaskmyUK14vz26b6K%2B%2BAHGFK%2FLPidQ5sCsEPFu1AAOrCRWOycy4fhxlY9Ah30%2Ff0zIj0IJIcnvBltkbeOnUnMZKC%2BAWoLImVJ%2BQnY6ypwMLQ86ib9z7m7gGta38Z%2B5ZiWrDPf2Q6lKyLrnk5eWWio7MlAZLz02b1q5hGdJFWMOychRTDDqyY4wNMhs9H4RtspYVrVIV%2FDu3KOk0REuAuhc9OWTyf1RcUvt6SP%2F90P%2FQ1%2F%2Fd48RWyFIJpoSKi2%2FW0dv%2B25Q4WcyHUPOID1YZD%2FNeatftivKIYzvoYLUi%2Bp2YhaC4eX9nkhA%2BCHsUImm1nYLvIv4OFo19%2Fc8ESpB8VMYo%2FmhZig%2F89NeNvJmflFNIrT7Grx33B1osa83qezigrELlYvbmfm3UueVjFQHGM9o6tPWxH%2BlPJnTdcPaJNLRbX5Tc8cvPi107E2ulE8%2FPYvm82ez%2B%2Fgdql3nh37Gtz4H5ah4Iz%2FpWRHcUQFrzzAQGdapMNetzi%2FXDxrrx5hVAprU3ZPeYbtrVK8lP%2BIhDFz09fTlcQm124GHdJLpqasGokN4WIBGAG4dyJINSgfNlgmKyfrVMCX%2FjcIefPFMUqBGtLGZGqyVmMwmIXqJUdbLsNzvQDeJV%2Fsex%2FX0hW%2FFdvleycC%2BDGn%2FkAH4TuHI5nRCePP0JzSpv9Xfe5iGRorHIRaPFKyjZxHxwXRMpAbAma%2FEOG2lcF0sYL8jh4mEf0Mf54zcFKPA%2FHzvSfkLw9D%2FoQ6e3Z9jZbBMTKmpKwRGVEeZovzlP71OqlDpnkX2J1bQkJbVa4BJVCkOVwfI8Vikf0TKLmDM25Q8pX8fYiapAC9SJ6KTEoI1tP2JYk5bOLafjPT1OjkEsgCYHDt642Ow9
qhhkRwtMxw%2BcyXRIqYxOYNsSUCl8lhDq1KoaxeriURi2DXA0sS2VMuBGXpTNnyimJMl%2Buq7%2F6tRV1V4nkXm9dES1VQ8YdgwdOAyuiI
Cache-Control: max-age=0
Rasmus Lerdorf wrote:
No limit on PHP's end. Probably happening in the browser. Check what is
going over the wire.-Rasmus
we're experiencing truncation of cookie values.
is there a hard-coded limit in php?
there's nothing in the docs. i didn't find any bugs at bugs.php.net
about this.thanks,
dietrich