PHPSESSID Cookie gets send multiple times

Question

In my current application the PHPSESSID Cookie gets send multiple times. Here's a sample response:

HTTP/1.1 200 OK
Date: Tue, 11 Jun 2013 08:18:29 GMT
Server: Apache/2.2.17 (Ubuntu)
X-Powered-By: PHP/5.3.15-1~dotdeb.0
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/ PHPSESSID=625qvi6328pdq2t7psh4t3voi6; path=/ PHPSESSID=625qvi6328pdq2t7psh4t3voi6; path=/ PHPSESSID=625qvi6328pdq2t7psh4t3voi6; path=/
Cache-Control: no-cache
x-debug-token: 9dcc688323f1dad273d4c8fc7117f405a52ce998
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

As you can see, there are three PHPSESSIDs.

I tried to reproduce this behavior with a single file with three session_start(); calls:

<?php

session_start();
session_start();
session_start();

but the cookie was send only once.

Any idea how this could happen?

score 1 · Accepted Answer · answered Jun 11 '13 at 13:01

1

I found the culprit. Somewhere deep in the legacy code was a session_commit which was called multiple times.

answered Jun 11 '13 at 13:01

prehfeldt

2,184
2
28
48

PHPSESSID Cookie gets send multiple times

1 Answers1