On Wed, 2007-02-07 at 13:49 -0600, Fletcher Mattox wrote:
> I wrote:
>
> > A campus web server (not under my control) returns an authentication
> > string in a cookie named AUTH. The cookie's value is an encrypted,
> > base64 encoded string. Unfortunately, when I examine $_COOKIE['AUTH'],
> > it is clear that all of the '+' characters have been replaced with a ' '
> > character in the base64 string. Why is this? Obviously, this corrupts
> > the data and makes it impossible to base64-decode the string correctly.
> > I believe this is a php issue and not, say, an apache issue because a
> > perl program can correctly authenticate the same cookie based on perl's
> > $ENV{'HTTP_COOKIE'}. i.e., the perl cookie contains the original '+'.
> > Does anyone know how to make php (v5.1.5) do the right thing with base64
> > encoded cookies?
>
> This problem seems to be
>
> http://bugs.php.net/bug.php?id=35523
>
> where it was dismissed as "Bogus" without any explanation why. It seems
> that '+' characters are intentionally converted to spaces in all cookies.
> This makes no sense to me. Can someone explain it?
I haven't looked, but there's a good chance it's part of the specs. Same
thing happens in URLs.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
