Regenerating session on subdomains

5 years ago

Pavel Janda
Backer | 877
+
+1
-

Hi,

i came across pretty weird behaviour of storing/regenerating session.

Here is some configuration:

vhosts:

127.0.0.1 domain.dev
127.0.0.1 www.domain.dev
127.0.0.1 franta.domain.dev

config:

session:
	expiration: 14 days
	cookiePath: '/'
	cookieDomain: '.domain.dev'
	savePath: "%tempDir%/sessions"

Scenario 1:

  1. When visiting domain.dev, session is regenerating for every request.
  2. When visiting www.domain.dev, session is regenerating for every request.
  3. When visiting franta.domain.dev, session is regenerating for every request.
  4. When visiting localhost/domain/public, session is regenerating for every request.

Now lets make a slight modification of config.neon: comment out line with cookieDomain:

session:
	expiration: 14 days
	cookiePath: '/'
	# cookieDomain: '.domain.dev'
	savePath: "%tempDir%/sessions"

Scenario 2:

  1. When visiting www.domain.dev, session does NOT regenerate and works as it should.

Now lets take back changes in config.neon:

session:
	expiration: 14 days
	cookiePath: '/'
	cookieDomain: '.domain.dev'
	savePath: "%tempDir%/sessions"

Scenario 3:

  1. When visiting domain.dev, session is regenerating for every request.
  2. When visiting www.domain.dev, session is NOT regenerating for every request.
  3. When visiting franta.domain.dev, session is regenerating for every request.
  4. When visiting localhost/domain/public, session is regenerating for every request.

Question is, am i fool or am i missing something? I just want to keep session data for all subdomains.

Edit:
That problem occured on:

  1. Chrome 41.0.2272.89 (OS X, 10.10.2) in combination with
  2. Nette 2.3.0 (Pure PHP worked well) and just on vhost with
  3. Apache\2.4.9 and
  4. PHP 5.6.6.

Solved:
Cleaning all chrome caches did not help, reinstalling Chrome did.

Last edited by Beton (2015-03-17 14:48)

4 years ago

vvoody
Member | 911
+
0
-

Cleaning browser cache != cleaning cookies

In chrome: dev tools ⇒ Resources ⇒ Cookies ⇒ right click…

4 years ago

Jan Mikeš
Member | 777
+
0
-

I had same issue some time ago, what helped to me was renaming the session, so my config looks like:

session:
		expiration: 14 days
		save_path: '%appDir%/../temp/sessions'
		name: "XYZSOMERANDOMNAME"
		cookiePath: '/'
		cookieDomain: '.%domain%'

Because if you dont rename (or do not clear cookies, as @vvoody said above), they are fixed to old domain.