1--TEST-- 2Cookies Security Bug 3--INI-- 4max_input_vars=1000 5filter.default=unsafe_raw 6--COOKIE-- 7__%48ost-evil=evil; __Host-evil=good; %66oo=baz;foo=bar 8--FILE-- 9<?php 10var_dump($_COOKIE); 11?> 12--EXPECT-- 13array(4) { 14 ["__%48ost-evil"]=> 15 string(4) "evil" 16 ["__Host-evil"]=> 17 string(4) "good" 18 ["%66oo"]=> 19 string(3) "baz" 20 ["foo"]=> 21 string(3) "bar" 22} 23
