View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005584 | OXID eShop (all versions) | 4.11. Image handling | public | 2013-12-19 17:23 | 2024-01-24 15:26 |
| Reporter | arvydas_vapsva | Assigned To | |||
| Priority | urgent | Severity | crash | Reproducibility | sometimes |
| Status | resolved | Resolution | unable to reproduce | ||
| Product Version | 4.8.1 / 5.1.1 | ||||
| Summary | 0005584: User sessions are killed | ||||
| Description | After browsing in a shop after some time user is logged off. | ||||
| Steps To Reproduce | Might be possible to reproduce in regular environment, but we test on a system running Varnish in front and two web servers. 1. open the shop, browse a bit; 2. log in and browse a bit again; 3. delete the contents of folder "out/pictures/generated/" 4. restart varnish; 5. you should be logged out after next few clicks. | ||||
| Additional Information | The problem is - image generator. for some reason it kills previous session and sends new cookie with new session id, but after click browser does not send new, send old cookie. P.S. for details - contact me or Saulius S. | ||||
| Tags | No tags attached. | ||||
| Theme | All | ||||
| Browser | All | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
|
|
Can be fixed by modifying .htaccess: RewriteRule (\.jpe?g|\.gif|\.png)$ getimg.php changing to: RewriteRule (\.jpe?g|\.gif|\.png)$ getimg.php?skipSession=1 |
|
|
to reproduce it it might be important that you enable blForceSessionStart in config.inc.php because this kind of problems you will always get if you remove session information from a request (see vcl "oxNormalizeRequestRecv" at the end cookies are doped for static files) but the request will create a new session. btw for high performance sites it is NOT recommend to set blForceSessionStart to true. |
|
|
We were not able to reproduce this in a recent version of the shop. |
