1

I have a weird bug in my Laravel application where, when I use a file extension in the URL, the application is logging out automatically.

After investigating I noticed it only happens when using valid file extensions on existing routes (except for /login). It does not even reach the controller.

Does not work: /home?file=test.png (logs out and redirects to login page)
Works: /home?file=test.abc (noenter code heren-existing file extension, works fine)
Works: /login?file=test.png (shows login page, but session is not lost)
Works: /non-existing-route?file=test.png (shows 404 but session is not lost)

In my development environment (XAMPP) I'm having no issues at all, only in production. I also checked .htaccess but there is nothing going on there either.

I'm using Laravel 9 in combination with the Tenancy for Laravel package.

Suggestions would be appreciated!

Improve this question

1 Answer 1

Reset to default
0

Ensure that PHP is not using URL-based session IDs by setting session.use_trans_sid to false. You can do this in your php.ini file or directly in your Laravel application. In your php.ini file:

session.use_trans_sid = 0

Or in your Laravel application, you can add this line to your public/index.php file:

ini_set('session.use_trans_sid', false);

Also run this php artisan session:clear

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

session.use_trans_sid is already set to 0.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.