Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Session destroyed after post from different ip
Session destroyed after post from different ip
  • Offline z10892
    Newbie
  • *
  • Posts: 6
    Threads: 2
    Joined: Jun 2020
    Reputation: 0
#1
04-24-2021, 07:57 AM
(This post was last modified: 04-24-2021, 08:01 AM by z10892.)

Hello.
My session gets destroyed when I send form using post method from website that is hosted on different ip. If I send it from other website with same ip or change method to get then session is not destroyed. Result is the same no matter on url destination.
Is it some kind of additional security protection or do I have some bug? I was trying to find the reason of this behavior but failed to do so.
I'm using version 4.1.1 with csrf disabled
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,328
    Threads: 291
    Joined: Oct 2014
    Reputation: 235
#2
04-24-2021, 08:47 PM

Sessions will not work across domains. Best bet is to save the data in a shared database then pull it.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
  • Offline z10892
    Newbie
  • *
  • Posts: 6
    Threads: 2
    Joined: Jun 2020
    Reputation: 0
#3
04-25-2021, 05:04 AM

I'm not sure if we understood each other. I'm logged on domain a, then I go to domain b and send form to domain a, after that I get logged out on domain a.
Reply
  • Offline FlorianL
    Newbie
  • *
  • Posts: 7
    Threads: 2
    Joined: Apr 2021
    Reputation: 0
#4
04-26-2021, 06:35 AM

On localhost ?
If you change the sessionCookieName on config/App for one of your domain the problem persist ?
Reply
  • Offline z10892
    Newbie
  • *
  • Posts: 6
    Threads: 2
    Joined: Jun 2020
    Reputation: 0
#5
04-26-2021, 08:29 AM

I'm working on remote. Session cookie name is correct.
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,328
    Threads: 291
    Joined: Oct 2014
    Reputation: 235
#6
04-26-2021, 12:18 PM

You can read this it is a solution for a similar problem like yours.

How to Track your Users over Several Domains?
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
  • Offline z10892
    Newbie
  • *
  • Posts: 6
    Threads: 2
    Joined: Jun 2020
    Reputation: 0
#7
04-26-2021, 02:03 PM

I'm not trying to share cookies across domains. I'm just trying to keep original session on domain "a" after posting some data from domain "b". Currently session gets destroyed after posting data. I can't find a reason why is this happening.
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,328
    Threads: 291
    Joined: Oct 2014
    Reputation: 235
#8
04-26-2021, 08:48 PM
(This post was last modified: 04-26-2021, 08:49 PM by InsiteFX.)

1) read the server log files.
2) set the env file to CI_ENVIRONMENT = development for debugging, rename to .env.
3) turn on CodeIgniters logger set the threshold  t0 9.
4) hit F12 in your web browser to see what is going on console and network tabs.

Also Sessions do use Cookies.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
  • Offline z10892
    Newbie
  • *
  • Posts: 6
    Threads: 2
    Joined: Jun 2020
    Reputation: 0
#9
04-27-2021, 05:26 PM

It was caused by cookieSameSite set to LAX. Thanks for trying to help.
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,328
    Threads: 291
    Joined: Oct 2014
    Reputation: 235
#10
04-27-2021, 08:42 PM

Glad you got it fix that's CORS doing it's thing again.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply




Theme © iAndrew 2016 - Forum software by © MyBB