SessionConfiguration::getName

protected SessionConfiguration::getName(Request $request)

Returns the session cookie name.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

string The name of the session cookie.

File

core/lib/Drupal/Core/Session/SessionConfiguration.php, line 65

Class

SessionConfiguration: Defines the default session configuration generator.

Namespace

Drupal\Core\Session

Code

protected function getName(Request $request) {
  // To prevent session cookies from being hijacked, a user can configure the
  // SSL version of their website to only transfer session cookies via SSL by
  // using PHP's session.cookie_secure setting. The browser will then use two
  // separate session cookies for the HTTPS and HTTP versions of the site. So
  // we must use different session identifiers for HTTPS and HTTP to prevent a
  // cookie collision.
  $prefix = $request->isSecure() ? 'SSESS' : 'SESS';
  return $prefix . $this->getUnprefixedName($request);
}

Links:

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21Session%21SessionConfiguration.php/function/SessionConfiguration%3A%3AgetName/8.2.x

doc_Drupal

2016-10-29 09:41:59

Comments