• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Session match IP or User Agent in IE 9 kills!

$config['sess_match_ip']    = FALSE;
$config['sess_match_useragent']    = FALSE;

If either of the above are set and the user is in IE9 sessions blow up on refresh (either page refresh by user or by redirect('', 'refresh')).

The session table name, cookie and csrf cookie and token have all been renamed to "mysess" removing non-IE friendly characters.

Any thoughts?

Thank you.

Check the definition of the session table. The agent field (which was 50 char in 1.7/2.0) has been enlarged to deal with the very long strings of IE9. Make it varchar(255).

I have it at 255; I've overridden the session Lib with a modified version adding and comparing at 255 instead of 50 ( the only two changes ). Interestingly I found 9 reports a string less than 128 when users hit the site but after they've logged in (using fb connect) the user agent explodes in size with a bunch of .Net junk added. This obviously kills the user agent comparison.

Did they modifiy the session lib in the latest reactor? I just upgraded last week.

Stripping at X char makes sense when the agent is appended for whatever reason but what X should be I don't know. This is just a theory.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.