Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bug #27246 Disallow invalid characters in session.name (ostrolucky)
This PR was merged into the 2.7 branch. Discussion ---------- Disallow invalid characters in session.name | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #27023 | License | MIT | Doc PR | PHP saves cookie with correct name, but upon deserialization to `$_COOKIE`, it replaces "." characters with "_". This is probably also reason why \SessionHandler is not able to find a session. https://harrybailey.com/2009/04/dots-arent-allowed-in-php-cookie-names/ https://bugs.php.net/bug.php?id=75883 Commits ------- 16ebb43 Disallow illegal characters like "." in session.name
- Loading branch information
Showing
2 changed files
with
59 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters