[eluser]FranckRR[/eluser]
Hello all,
I've red some topics on this subject.
I understand that if $_COOKIES contains unallowed characters, CI would prevent me to face further issue.
But why the HTTP code is 200 ?
I was expecting a 400 Bad Request instead as the request can be redone without modification.
More generally all the exit() or die() in the framework mustn't return HTTP 200 because that means we haven't faced an issue.
My solution was to extend MY_Input, set header("HTTP 400") before exiting ...
Genrally speaking, CI is a little bit uncomplete on error management