- 🇮🇹Italy apaderno Brescia, 🇮🇹
I replaced the used issue tag with the official one. I apologize for bumping this issue.
The release of symfony/http-foundation v4.4.42 validates and recreates the session ID when it's not valid.
\Drupal\Core\Session\SessionManager::getId()
generates a random session ID if a session is not started yet.
The ID generated through \Drupal\Component\Utility\Crypt::randomBytesBase64()
can contain invalid characters such as underscores.
The next time that the session is started, the Symfony component will regenerate the id and the session data will be lost.
Calling \Drupal\Core\Session\SessionManager::getId()
is already deprecated as indicated in code and in
this change record →
.
This issue was encountered during tests while using the cas module version 1.7.0 but it can be reproduced by calling \Drupal\Core\Session\SessionManager::getId()
before a session exists.
None at the moment, I'm creating this just as a reference for users that might run into the same.
It can be fixed by
Writing a test is hard as the ID generation is random so it fails only sometimes.
To be discussed, since now calling the above method can actually create issues.
None.
TBD.
None.
Fixed
9.4
base system
It denotes an issue that prevents porting of a contributed project to the stable version of Drupal due to missing APIs, regressions, and so on.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I replaced the used issue tag with the official one. I apologize for bumping this issue.