* Michael McLagan [EMAIL PROTECTED] [2002-09-21 11:45]:
There is a bug in Apache::Cookie. It doesn't handle a cookie with
zero bytes in it!
This is because Apache::Cookie is implemented in C, and C uses NULL as
the end of string terminator.
This is probably something that needs to be done in
Hello,
There is a bug in Apache::Cookie. It doesn't handle a cookie with zero
bytes in it!
$value = ABCD . chr(0) . EFGH;
$cookie = Apache::Cookie-new($request, -name= 'oatmeal', -value= $value,
-domain=$ENV{'SERVER_NAME'}, -path=/);
print $cookie-as_string;
The output looks like:
Once upon a time, I wrote:
There is a bug in Apache::Cookie. It doesn't handle a cookie
with zero bytes in it!
A clarification, it's not a zero length cookie that is mishandled, it's a
cookie with an embedded NUL (zero) character.
Michael
