SessionConfiguration::getName

protected SessionConfiguration::getName(Request $request)

Returns the session cookie name.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

string The name of the session cookie.

File

core/lib/Drupal/Core/Session/SessionConfiguration.php, line 65

Class

SessionConfiguration
Defines the default session configuration generator.

Namespace

Drupal\Core\Session

Code

protected function getName(Request $request) {
  // To prevent session cookies from being hijacked, a user can configure the
  // SSL version of their website to only transfer session cookies via SSL by
  // using PHP's session.cookie_secure setting. The browser will then use two
  // separate session cookies for the HTTPS and HTTP versions of the site. So
  // we must use different session identifiers for HTTPS and HTTP to prevent a
  // cookie collision.
  $prefix = $request->isSecure() ? 'SSESS' : 'SESS';
  return $prefix . $this->getUnprefixedName($request);
}
doc_Drupal
2016-10-29 09:41:59
Comments
Leave a Comment

Please login to continue.