Posted by Erwin Moller on 03/23/07 14:22

Erwin Moller wrote:

> peter wrote:
>
>> > I have a page that 'demands' a session exists:
>>> Something like:
>>>
>>> if (isset($_SESSION['isAdmin']) && ($_SESSION['isAdmin'] == 'Y')){
>>> // OK, continue
>>> } else {
>>> // No good. Redirect to loginpage
>>> header("Location: etc/etc/etc/example");
>>> }
>>>
>>> All very basic.
>>>
>>> But if I try to view the source of my page in FF by pressing rightmouse
>>> button -> view source, I receive the source of the login page!
>>>
>>> I get the impression 'view source' makes a fresh request to get the
>>> source but is not sending the PHPSESSID along with the request, thus
>>> delivering the HTML of the loginpage to where I redirect.
>>>
>>> The box in question runs W2000 with FF2.
>>>
>>> Did anybody in here experience this weird behaviour (PHP session lost
>>> when viewing source) with Firefox2 too?
>>
>> Veiw source only shows the source of the page it retrieved it does not
>> request the page again to get it.
>
> That is what I have always thought too....
>

Looks like my hypothesis about re-requesting the page is correct: I checked
my webservers accesslog, and find excactly what you would expect for a new
request: 2 new line are added for each time I click 'view source'.
- the first is a 302 (created by the Location header)
- the second is a 200 (the loginpage)

This happens every time I click 'view source'.

Why is FF doing this?
I am shooting in the dark here. :-/

Regards,
Erwin Moller

[Back to original message]