bug #24878 [HttpFoundation] Prevent PHP from sending Last-Modified on session start (nicolas-grekas)
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Prevent PHP from sending Last-Modified on session start
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24849
| License | MIT
| Doc PR | -
I really don't know why PHP sends this Last-Modified header.
Let's bypass that and throw headers ourselves instead.
Commits
-------
2c0dc745d6
[HttpFoundation] Prevent PHP from sending Last-Modified on session start
This commit is contained in:
commit
8e9f9765b5
@ -32,6 +32,9 @@ abstract class AbstractSessionHandler implements \SessionHandlerInterface, \Sess
|
|||||||
public function open($savePath, $sessionName)
|
public function open($savePath, $sessionName)
|
||||||
{
|
{
|
||||||
$this->sessionName = $sessionName;
|
$this->sessionName = $sessionName;
|
||||||
|
if (!headers_sent() && !ini_get('session.cache_limiter')) {
|
||||||
|
header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -107,7 +107,7 @@ class NativeSessionStorage implements SessionStorageInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
$options += array(
|
$options += array(
|
||||||
'cache_limiter' => 'private_no_expire',
|
'cache_limiter' => '',
|
||||||
'cache_expire' => 0,
|
'cache_expire' => 0,
|
||||||
'use_cookies' => 1,
|
'use_cookies' => 1,
|
||||||
'lazy_write' => 1,
|
'lazy_write' => 1,
|
||||||
|
@ -38,14 +38,13 @@ ini_set('session.use_strict_mode', 1);
|
|||||||
ini_set('session.lazy_write', 1);
|
ini_set('session.lazy_write', 1);
|
||||||
ini_set('session.name', 'sid');
|
ini_set('session.name', 'sid');
|
||||||
ini_set('session.save_path', __DIR__);
|
ini_set('session.save_path', __DIR__);
|
||||||
ini_set('session.cache_limiter', 'private_no_expire');
|
ini_set('session.cache_limiter', '');
|
||||||
|
|
||||||
header_remove('X-Powered-By');
|
header_remove('X-Powered-By');
|
||||||
header('Content-Type: text/plain; charset=utf-8');
|
header('Content-Type: text/plain; charset=utf-8');
|
||||||
|
|
||||||
register_shutdown_function(function () {
|
register_shutdown_function(function () {
|
||||||
echo "\n";
|
echo "\n";
|
||||||
header_remove('Last-Modified');
|
|
||||||
session_write_close();
|
session_write_close();
|
||||||
print_r(headers_list());
|
print_r(headers_list());
|
||||||
echo "shutdown\n";
|
echo "shutdown\n";
|
||||||
|
@ -11,7 +11,7 @@ close
|
|||||||
Array
|
Array
|
||||||
(
|
(
|
||||||
[0] => Content-Type: text/plain; charset=utf-8
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
[1] => Cache-Control: private, max-age=10800
|
[1] => Cache-Control: max-age=10800, private, must-revalidate
|
||||||
[2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
|
[2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
|
||||||
)
|
)
|
||||||
shutdown
|
shutdown
|
||||||
|
@ -9,6 +9,6 @@ close
|
|||||||
Array
|
Array
|
||||||
(
|
(
|
||||||
[0] => Content-Type: text/plain; charset=utf-8
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
[1] => Cache-Control: private, max-age=10800
|
[1] => Cache-Control: max-age=10800, private, must-revalidate
|
||||||
)
|
)
|
||||||
shutdown
|
shutdown
|
||||||
|
@ -18,7 +18,7 @@ close
|
|||||||
Array
|
Array
|
||||||
(
|
(
|
||||||
[0] => Content-Type: text/plain; charset=utf-8
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
[1] => Cache-Control: private, max-age=10800
|
[1] => Cache-Control: max-age=10800, private, must-revalidate
|
||||||
[2] => Set-Cookie: sid=random_session_id; path=/; secure; HttpOnly
|
[2] => Set-Cookie: sid=random_session_id; path=/; secure; HttpOnly
|
||||||
)
|
)
|
||||||
shutdown
|
shutdown
|
||||||
|
@ -15,6 +15,6 @@ $_SESSION is not empty
|
|||||||
Array
|
Array
|
||||||
(
|
(
|
||||||
[0] => Content-Type: text/plain; charset=utf-8
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
[1] => Cache-Control: private, max-age=0
|
[1] => Cache-Control: max-age=0, private, must-revalidate
|
||||||
)
|
)
|
||||||
shutdown
|
shutdown
|
||||||
|
@ -9,7 +9,7 @@ close
|
|||||||
Array
|
Array
|
||||||
(
|
(
|
||||||
[0] => Content-Type: text/plain; charset=utf-8
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
[1] => Cache-Control: private, max-age=10800
|
[1] => Cache-Control: max-age=10800, private, must-revalidate
|
||||||
[2] => Set-Cookie: abc=def
|
[2] => Set-Cookie: abc=def
|
||||||
)
|
)
|
||||||
shutdown
|
shutdown
|
||||||
|
@ -150,7 +150,7 @@ class NativeSessionStorageTest extends TestCase
|
|||||||
$this->iniSet('session.cache_limiter', 'nocache');
|
$this->iniSet('session.cache_limiter', 'nocache');
|
||||||
|
|
||||||
$storage = new NativeSessionStorage();
|
$storage = new NativeSessionStorage();
|
||||||
$this->assertEquals('private_no_expire', ini_get('session.cache_limiter'));
|
$this->assertEquals('', ini_get('session.cache_limiter'));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testExplicitSessionCacheLimiter()
|
public function testExplicitSessionCacheLimiter()
|
||||||
|
Reference in New Issue
Block a user