为什么Magento每个会话使用2个Cookie？ [英] Why does Magento use 2 cookies per session?

问题描述

为了数据安全和隐私的原因，我想知道为什么Magento使用两个cookie一个前端会话。

我知道的是，其中一个被设置 Mage_Core_Model_Cookie :: set（..），另一个在 Zend_Session :: expireSessionCookie（）似乎不知道他们的用途。

我只是想不出任何理由，为什么需要一个同一个域的第二个cookie。

解决方案

我能够通过逆转 session_start（）调用和在 Mage_Core_Model_Session_Abstract_Varien :: start（..）中设置cookie的语句。这两行现在看起来像这样：

  $ cookie-> set（session_name（），$ this-> getSessionId ））; 
 session_start（）; 
  

现在只创建一个cookie，似乎没有任何副作用。 p>

BTW：另一个cookie不是我在Zend_Session中创建的，而是它们都来自 Mage_Core_Model_Session_Abstract_Varien :: start（..） code>。

For data security and privacy reasons I want to know why Magento uses two cookies for one frontend session.

All I know is that one of them is being set in Mage_Core_Model_Cookie::set(..) and the other one in Zend_Session::expireSessionCookie(), but still I can't seem to figure out what they are used for.

I just can't think of any reason why one would need a second cookie for the same domain.

解决方案

I was able to fix this by reversing the order of the session_start() call and the statement that sets the cookie in Mage_Core_Model_Session_Abstract_Varien::start(..). Those two lines now look like this:

$cookie->set(session_name(), $this->getSessionId());
session_start();

It now only creates one single cookie and it does not seem to have any side-effects.

BTW: The other cookie was not created in Zend_Session as I assumed, but instead both of them came from Mage_Core_Model_Session_Abstract_Varien::start(..).

这篇关于为什么Magento每个会话使用2个Cookie？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！