Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Session data lost on redirect
Session data lost on redirect
  • Offline Jan Zelenka
    Junior Member
  • **
  • Posts: 24
    Threads: 8
    Joined: May 2020
    Reputation: 0
#1
08-24-2020, 07:27 AM

Hi,
I'm struggling to to properly redirect from a filter. I'm trying to store some data in the SESSION before returning from the filter with the idea to use the data in the page redirected to.

Everything works fine when I use secure connection (https). Without a secure connection the data written to teh SESSION is gone when I try to read it on the redirection target page. These are my coockie and session settings:

PHP Code:
    public $sessionDriver            'CodeIgniter\Session\Handlers\FileHandler';
    public $sessionCookieName        'ci_session';
    public $sessionExpiration        7200;
    public $sessionSavePath          WRITEPATH 'session';
    public $sessionMatchIP           false;
    public $sessionTimeToUpdate      300;
    public $sessionRegenerateDestroy false;
    public $cookiePrefix   'nexus_';
    public $cookieDomain   '';
    public $cookiePath     '/';
    public $cookieSecure   false;
    public $cookieHTTPOnly false

Any help is much appreciated.
Reply
  • Offline Chroma
    Member
  • ***
  • Posts: 116
    Threads: 7
    Joined: Nov 2014
    Reputation: 1
#2
08-27-2020, 04:28 AM

I don't know if this is of any help, but I have seen that often, if a cookie is set under HTTP, then it cannot be accessed under HTTPS, regardless of the flags you set for security etc. I am not sure why this is, but that's what I have seen.
Reply
  • Offline Jan Zelenka
    Junior Member
  • **
  • Posts: 24
    Threads: 8
    Joined: May 2020
    Reputation: 0
#3
08-27-2020, 05:35 AM
(This post was last modified: 08-27-2020, 07:28 AM by Jan Zelenka.)

Thanks for your reply.
It did help in the sense that I took a deeper look at things and realized that when using HTTPS, the $_COOKIES array is nicely populated and contains the session cookie while with HTTP there this array has no members.

Anyone an idea why this would be the case?
So, the answer in the first reply to my question actually did help.
There was a secure session cookie stored in the browser from the time when I tested with HTTPS. Once I deleted this cookie from the browser, my site started to work on HTTP.

Case closed and thanks one more time!
Reply
  • Offline Chroma
    Member
  • ***
  • Posts: 116
    Threads: 7
    Joined: Nov 2014
    Reputation: 1
#4
08-27-2020, 06:13 AM

I am glad that it is now working and that you have found a solution.

Smile
Reply
  • Offline tgix
    Member
  • ***
  • Posts: 158
    Threads: 28
    Joined: May 2016
    Reputation: 4
#5
08-27-2020, 07:23 AM

(08-27-2020, 05:35 AM)Jan Zelenka Wrote: Thanks for your reply.
It did help in the sense that I took a deeper look at things and realized that when using HTTPS, the $_COOKIES array is nicely populated and contains the session cookie while with HTTP there this array has no members.

Anyone an idea why this would be the case?

Have you checked the console of the browser for any messages? Could be related to SameSite setting on the cookie.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB