tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-01 13:48:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6138 from dhensby/pulls/3.4/fix-sessions-on-alternate-base-urls

Browse Source 
FIX Absolute alternate_base_url no longer breaks session cookies
This commit is contained in:
Damian Mooyman 2016-10-05 11:26:27 +13:00 committed by GitHub
commit 17c6580d3a
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
control/Session.php
View File

@ -359,6 +359,15 @@ class Session {
$path = Config::inst()->get('Session', 'cookie_path');
if(!$path) $path = Director::baseURL();
$domain = Config::inst()->get('Session', 'cookie_domain');
// Director::baseURL can return absolute domain names - this extracts the relevant parts
// for the session otherwise we can get broken session cookies
if (Director::is_absolute_url($path)) {
$urlParts = parse_url($path);
$path = $urlParts['path'];
if (!$domain) {
$domain = $urlParts['host'];
}
}
$secure = Director::is_https() && Config::inst()->get('Session', 'cookie_secure');
$session_path = Config::inst()->get('Session', 'session_store_path');
$timeout = Config::inst()->get('Session', 'timeout');