protected function SessionConfiguration::getName

protected SessionConfiguration::getName(Request $request)

Returns the session cookie name.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

string The name of the session cookie.

File

core/lib/Drupal/Core/Session/SessionConfiguration.php, line 65

Class

SessionConfiguration: Defines the default session configuration generator.

Namespace

Drupal\Core\Session

Code

protected function getName(Request $request) {
  // To prevent session cookies from being hijacked, a user can configure the
  // SSL version of their website to only transfer session cookies via SSL by
  // using PHP's session.cookie_secure setting. The browser will then use two
  // separate session cookies for the HTTPS and HTTP versions of the site. So
  // we must use different session identifiers for HTTPS and HTTP to prevent a
  // cookie collision.
  $prefix = $request->isSecure() ? 'SSESS' : 'SESS';
  return $prefix . $this->getUnprefixedName($request);
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Session!SessionConfiguration.php/function/SessionConfiguration::getName/8.1.x