Add some doc comments on Cookie::validateCookieDomain() and Http::isValidUri(), which...

diff --git a/includes/Cookie.php b/includes/Cookie.php
index 10d95a7..95a4599 100644 (file)
--- a/includes/Cookie.php
+++ b/includes/Cookie.php
@@ -62,6 +62,9 @@ class Cookie {
         * A better method might be to use a blacklist like
         * http://publicsuffix.org/
         *
+        * @fixme fails to detect 3-letter top-level domains
+        * @fixme fails to detect 2-letter top-level domains for single-domain use (probably not a big problem in practice, but there are test cases)
+        *
         * @param $domain String: the domain to validate
         * @param $originDomain String: (optional) the domain the cookie originates from
         * @return Boolean

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index b36011e..75dbbdf 100644 (file)
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -125,6 +125,9 @@ class Http {
         * protocols, because we only want protocols that both cURL
         * and php support.
         *
+        * @fixme this is wildly inaccurate and fails to actually check most stuff
+        * @fixme do we actually intend to have FTP support here? Does it work consistently?
+        *
         * @param $uri Mixed: URI to check for validity
         * @returns Boolean
         */