ID: 32802 Updated by: [EMAIL PROTECTED] Reported By: ast at gmx dot ch -Status: Open +Status: Feedback Bug Type: HTTP related Operating System: ANY PHP Version: 4.3.11 New Comment:
Exactly what bug did Ilia close? And why are you submitting a new report if one exists already? Previous Comments: ------------------------------------------------------------------------ [2005-04-23 14:19:22] ast at gmx dot ch Description: ------------ [EMAIL PROTECTED], you closed the bug prematurely. It is indeed a PHP bug. Let me explain... >From RFC 2965, which obsoletes 2109, and is the reference for cookie / HTTP state management mechanism: http://www.faqs.org/rfcs/rfc2965 See 4.2 Example 2 Imagine the user agent has received, in response to earlier requests, the response headers Set-Cookie2: Part_Number="Rocket_Launcher_0001"; Version="1"; Path="/acme" and Set-Cookie2: Part_Number="Riding_Rocket_0023"; Version="1"; Path="/acme/ammo" A subsequent request by the user agent to the (same) server for URLs of the form /acme/ammo/... would include the following request header: Cookie: $Version="1"; Part_Number="Riding_Rocket_0023"; $Path="/acme/ammo"; Part_Number="Rocket_Launcher_0001"; $Path="/acme" Note that the NAME=VALUE pair for the cookie with the more specific Path attribute, /acme/ammo, comes before the one with the less specific Path attribute, /acme. Further note that the same cookie name appears more than once. Also from the RFC: If multiple cookies satisfy the criteria above, they are ordered in the Cookie header such that those with more specific Path attributes precede those with less specific. Ordering with respect to other attributes (e.g., Domain) is unspecified. My example is a little specific, but is described in http://gallery.menalto.com/index.php?name=PNphpBB2&file=viewtopic&t=29223. I tested with ethereal, to look into the packets my browser actually sent to the webserver. IE and FF behave the same way. The HTTP header containing the cookies looked the same in both browsers and conformed to the RFC2965. The most specific matched cookies (path) are listed first, the least specific matching cookies last, all NAME=VALUE pairs are delimited by a semicolon. There are a number of options to retrieve cookie data in php. $_COOKIE is indexed by NAME, so you get only a single cookie if mutliple cookies have the same NAME but a different path. That's not good. And $_COOKIE['COOKIENAME'] is the least specific cookie. I guess, php just runs through the Cookie: header and does something like $_COOKIE[$NAME] = $value, replacing more specific cookies with less specific cookies. $_GLOBALS['HTTP_SERVER_VARS'] lists all cookies, according to the RFC2965 specification! That's good. Same for $_GLOBALS['_SERVER']['HTTP_COOKIE'] = $_SERVER['HTTP_COOKIE']. This is good! Example showing multiple cookies with NAME = GALLERYSID (they have different paths), I have this from print_r($_SERVER): [HTTP_COOKIE] => GALLERYSID=6fb8f64ad5107c62b812f9c4d3cd69b0; G2_hybrid=1%3B5%3B1%3B1%3B1%3B0%3B; xarayaclassic_textsize=Small classictext; GALLERYSID=8603809d6b5671bbef5d4b8465d0db89; xarayaclassic_colscheme=null So the browsers comply with RFC 2965, but PHP doesn't. What should be fixed: The most specific path matched cookie should be in the $_COOKIE array, not the least specific matched cookie! I.e. when parsing HTTP header Cookie: from left to right, do this: if (!isset($_COOKIE[$name])) { $_COOKIE[$name] = $value; } instead of just $_COOKIE[$name] = $value; ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=32802&edit=1
