Rasmus Lerdorf wrote: > > > On Mon, 19 Aug 2002, Rasmus Lerdorf wrote: > > > > > But could you at least answer the question? What is the advantage of > > > allowing user-supplied new session ids? I see no reason not to add a > > > check for this. > > > > For example, I have a set of C programs for IRCG load > > testing. It uses a simple FSM to generate HTTP requests and > > waste incoming data (like 50K concurrent connections). If > > this client could not use arbitrary session ids > > (mysid$running_number), I'd have to actually analyze HTTP > > replies and the icky Cookie header. > > Hrm.. Ok, that's what I was looking for. A realworld reason to allow the > client to specify the new sids.
There are a lot of cases when that can be useful, but that should be controllable behaviour in limited places, not a general one. Giancarlo -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php