|
|
Posted by Gordon Burditt on 11/09/35 11:44
>So should I try and turn off trans_sid?
I don't understand why you consider "session being appended to
links" to be a problem (although it can be a security issue due to
bookmarking or session hijacking if you don't invalidate sessions
after an explicit logout or a timeout). But if you don't want it,
turn off session.use_trans_sid in php.ini (but it's not on by default
in any setup I know, so at some point someone intentionally turned
it on).
>I've seen mention of that but
>from what I found it was some type of apache bug but it was happening
>on both servers.
trans_sid is not a bug, and it's a PHP feature, not an Apache feature.
>Wish I could track this down, but what your saying
>about until it determines if cookies work makes since cause it goes
>away after you change pages. It seems to only happen with the first
>browser viewing of the domain.
On the first view of the domain, it SETS the session cookie, but
that page view doesn't SEE the cookie until the next hit (this is
the way cookies work).
Gordon L. Burditt
Navigation:
[Reply to this message]
|