44
linuxxx
7y

This fucker right here. Two pages under the same site return different session data:

Session cookie is the same.
The session file itself doesn't change.
Same machine is being used.
I don't change the session variables at any moment.

HOW?!

Comments
  • 3
    @XiovV I've honestly never had this one 😞
  • 3
    One is www.domain.nl and the other domain.nl?
  • 1
    @MisterArie Local testing and remote testing, in both cases the url is exactly the same :/

    Localhost vs localhost and thedomain.nl vs thedomain.nl
  • 4
    @linuxxx
    Both https?
  • 1
    Check what domain the cookie itself is set to/allowed for? (:
  • 7
    @nbamaral localhost not but I found the fucker!

    Made an ajax request to 'nope' but I didn't realize it would call the index page.

    Found it by monitoring the access logs and noticing a second request when loading the page xD
  • 1
    @CoffeeNcode Yay 😊
  • 1
    I have actually experienced a similar one;
    I did not realize for quite a long time, that I set the cookie INSIDE a running for-loop, which led to creating a new cookie over and over again. This made it literally impossible (in that system), to send a request to a certain key, in which the cookie value was embedded.
Add Comment