[eluser]Unknown[/eluser]
I totally agree. I'm just curious of where this cookie is coming from. We're not creating it, and it only appears for random Chinese users...some of which are even validated via SSO. My sneaky suspicion is that it's a Chinese traffic tracking cookie.
I'm surprised it seems no one else has run into this same issue...possibly because we altered the core system input class to alert us via email when a detection occurs, so maybe others just don't know.
What would help me is if someone can identify that cookie, as well as help me evaluate if adding the pipe to the allowed characters list would be harmful. I know it's a command separator and that's typically why they aren't included. Furthermore, I know that this only really matters if the data possibly runs through an eval/system like function, which our cookie data does not.
If the cookie can be confirmed as nothing more than a tracking cookie and that the pipe by itself doesn't pose a threat, then I'll just add the character because this is a recurring issue with paying clients we have in China.
Thanks again for the help and your reply InsiteFX!