#35523 [Com]: '+' in Cookies converted to ' ' (space)

judas at dotgeek dot org Fri, 02 Dec 2005 08:55:16 -0800

 ID:               35523
 Comment by:       judas at dotgeek dot org
 Reported By:      bugs dot php dot net at honeypot-1 dot dnsalias dot
                   net
 Status:           Open
 Bug Type:         HTTP related
 Operating System: Linux 2.4
 PHP Version:      4.4.1
 New Comment:


Also reproducible using PHP 5.1.2-dev (latest CVS)


Previous Comments:
------------------------------------------------------------------------

[2005-12-02 17:04:54] bugs dot php dot net at honeypot-1 dot dnsalias
dot net

Description:
------------
As far as I know (Netscape specification) cookies are allowed to
contain the '+'-character. Up to and including PHP 4.4.0 this is the
way they were handled. But with PHP 4.4.1 pluses in the cookie value
are replaced by a single space, like in values of GET-parameters.

Reproduce code:
---------------
// run twice

header('Set-Cookie: my_cookie=ABC+DEF');
phpinfo();

Expected result:
----------------
// as up to 4.4.0

_REQUEST['my_cookie']  ==           'ABC+DEF';
_COOKIE['my_cookie']   ==           'ABC+DEF';
_SERVER["HTTP_COOKIE"] == 'my_cookie=ABC+DEF';

Actual result:
--------------
_REQUEST['my_cookie']  ==           'ABC DEF';
_COOKIE['my_cookie']   ==           'ABC DEF';
_SERVER["HTTP_COOKIE"] == 'my_cookie=ABC+DEF';


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=35523&edit=1

#35523 [Com]: '+' in Cookies converted to ' ' (space)

Reply via email to