mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merge pull request #8736 from caffeineinc/bugfix/4.3-session-timeout-regression
Existing sessions need to set a new cookie on each request, if the
This commit is contained in:
commit
4aaa419360
@ -324,6 +324,12 @@ class Session
|
||||
}
|
||||
|
||||
session_start();
|
||||
|
||||
// Session start emits a cookie, but only if there's no existing session. If there is a session timeout
|
||||
// tied to this request, make sure the session is held for the entire timeout by refreshing the cookie age.
|
||||
if ($timeout && $this->requestContainsSessionId($request)) {
|
||||
Cookie::set(session_name(), session_id(), $timeout / 86400, $path, $domain ?: null, $secure, true);
|
||||
}
|
||||
} else {
|
||||
// If headers are sent then we can't have a session_cache_limiter otherwise we'll get a warning
|
||||
session_cache_limiter(null);
|
||||
|
Loading…
Reference in New Issue
Block a user