My problem is that I have a website and when I refresh the a page, the session get destroyed. This means I lost my cart, my wishlist, etc… It happens in Safari and Firefox too, but on my PC the session stays there. This is not an incognito tab/window, I not deleting my cookies and/or session data between refreshes and not specified in the browser settings to delete cookie (or another data) in any case.
I’m using Yii2 (latest installed via composer) with PHP 7.4 under an nginx with FPM. php.ini config (the session):
session.save_handler = files ;session.save_path = "/var/lib/php/sessions" session.use_strict_mode = 0 session.use_cookies = 1 session.cookie_secure = 0 session.use_only_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 5184000 session.cookie_path = / session.cookie_domain = session.cookie_httponly = 0 session.cookie_samesite = "Strict" session.serialize_handler = php session.gc_probability = 1/100 session.gc_divisor = 1000 session.gc_maxlifetime = 5184000 session.referer_check = session.cache_limiter = nocache session.cache_expire = 5184000 session.use_trans_sid = 0 session.sid_length = 26 session.trans_sid_tags = "a=href,area=href,frame=src,form=" ;session.trans_sid_hosts="" session.sid_bits_per_character = 5 ;session.upload_progress.enabled = On ;session.upload_progress.cleanup = On ;session.upload_progress.prefix = "upload_progress_" ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" ;session.upload_progress.freq = "1%" ;session.upload_progress.min_freq = "1" ;session.lazy_write = On
My Yii2 config (frontend/config/main.php):
return [ // ... 'modules' => [ // ... 'session' => [ 'class' => 'yiiwebSession', 'timeout' => 5184000, ], //.. ], // .. 'components' => [ // .. 'session' => [ 'name' => 'advanced-frontend', ], // .. ], //.. ];
My TestController in the frontend for my tests:
<?php namespace frontendcontrollers; use Yii; use yiiwebController; class TestController extends Controller { /** * Test index action */ public function actionIndex() { if(!Yii::$app->session->has('asd')) { echo 'do not has ASD'; Yii::$app->session->set('asd', 1); } else { echo 'has ASD'; } echo '<br />' . Yii::$app->session->id; dd($_COOKIE, Yii::$app->request->cookies); } }
I tried various configs in the php.ini and in the Yii2 main config, but no luck. Any idea apprisiated!
Advertisement
Answer
After questioned several people and a ot of debugging, the problem was the session.cookie_samesite = "Strict"
when I changed this to session.cookie_samesite = "None"
the problem is solved like magic.