search

volosoft / jtable

A JQuery plugin to create AJAX based CRUD tables.
http://www.jtable.org
1.1k stars 506 forks source link

Bug COOKIE name '#' with PHP framework CodeIgniter #367

Open Vadorequest opened 11 years ago

Vadorequest commented 11 years ago

Hi,

With CodeIgniter PHP framework I've found a bug there is 6 months.

When you use '#' in the COOKIE name, it's bug.

So I've used '-' and update your source code and send you an email.

I use the 2.2.1 but you use again '#', so can you fix this ? (I fix this in my local version)

Change line 1178, perhaps somewhere else too, I've forgot ^^ function: _generateCookieKeyPrefix

PS: It's because CI protect COOKIES attack by content, and the '#' is forbidden.

hikalkan commented 11 years ago

It's not problem to change, but it will break backward compability since there are many cookies created using #. Is there any way to allow # in CI? Or I may make it optional/changable.

Vadorequest commented 11 years ago

In fact, the "#" is forbidden for security reason, it can be changed in CI config but perhaps break the CI security, I don't know why it's forbidden but if it's then I think it's useful.