merged branch lancergr/ticket_8460 (PR #8969)
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes #8969). Discussion ---------- [HttpFoundation] NativeSessionStorage regenerate | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #8460 | License | MIT | Doc PR | Since session_start is called by the regenerate function, then the 'started' flag of NativeSessionStorage have to be set to true. Otherwise, the variable $_SESSION is initiated and the exception "Failed to start the session: already started by PHP ($_SESSION is set)." is thrown. This can be reproduced by clearing the session data (cookies) before authenticating with a method that does not require csrf (eg. using the confirmation link of FOSUserBundle). Commits ------- 7a0eeb3 [HttpFoundation] NativeSessionStorage regenerate
This commit is contained in:
commit
1271a4cdee
@ -217,6 +217,8 @@ class NativeSessionStorage implements SessionStorageInterface
|
|||||||
} else {
|
} else {
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->loadSession();
|
||||||
}
|
}
|
||||||
|
|
||||||
return $ret;
|
return $ret;
|
||||||
|
Reference in New Issue
Block a user