Closed
Description
Symfony version(s) affected
5.4.6
Description
Hi, I have a problem in my project. Sometimes in the log I see messages like these:
[2022-03-16T03:49:44.259705+03:00] php.WARNING: Warning: SessionHandler::read(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' {"exception":"[object] (ErrorException(code: 0): Warning: SessionHandler::read(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' at /var/www/vendor/symfony/http-foundation/Session/Storage/Handler/StrictSessionHandler.php:49)"} []
[2022-03-16T03:49:44.259791+03:00] php.WARNING: Warning: session_start(): Failed to read session data: user (path: /var/www/var/sessions/prod) {"exception":"[object] (ErrorException(code: 0): Warning: session_start(): Failed to read session data: user (path: /var/www/var/sessions/prod) at /var/www/vendor/symfony/http-foundation/Session/Storage/NativeSessionStorage.php:149)"} []
[2022-03-16T03:49:44.266919+03:00] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Failed to start the session." at /var/www/vendor/symfony/http-foundation/Session/Storage/NativeSessionStorage.php line 150 {"exception":"[object] (RuntimeException(code: 0): Failed to start the session. at /var/www/vendor/symfony/http-foundation/Session/Storage/NativeSessionStorage.php:150)"} []
Framework config:
framework:
    secret: '%env(APP_SECRET)%'
    session:
        handler_id: session.handler.native_file
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
        cookie_lifetime: 1814400
        gc_maxlifetime: 1814400
        name: LIFESESSID
        cookie_secure: 'auto'
        cookie_samesite: 'strict'
        storage_factory_id: session.storage.factory.native
    php_errors:
        log: true
How can I fix it? I've read that it's a bug of PHP, but maybe you know about fixing this problem in Symfony?
How to reproduce
I can't reproduce this error, but I think one could manually set the session_id and get the error.
Possible Solution
I am thinking about writing a simple wrapper around NativeSessionStorage that will check the validity of the session ID before calling the handler.
Additional Context
No response
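The check proposed under Possible Solution, sketched in plain PHP as an added example (not part of the original issue and not Symfony code). The function names and the 256-character length bound are assumptions; the allowed characters come from the warning text and the cookie name from the config above.

```php
<?php
declare(strict_types=1);

// Added example: validate the session cookie before the session starts.
const SESSION_COOKIE = 'LIFESESSID'; // session name from the config on this page
const MAX_SID_LENGTH = 256;          // assumption: upper bound on ID length

/** True if $id uses only the characters named in the warning and fits the length bound. */
function isValidSessionId(string $id, int $maxLength = MAX_SID_LENGTH): bool
{
    // \A and \z anchor the whole string, so a trailing newline is rejected too.
    return preg_match('/\A[A-Za-z0-9,-]{1,' . $maxLength . '}\z/', $id) === 1;
}

/**
 * Returns $cookies without the session cookie when its value is unusable,
 * so the session layer issues a fresh ID instead of failing in read().
 */
function dropInvalidSessionCookie(array $cookies, string $name = SESSION_COOKIE): array
{
    if (!array_key_exists($name, $cookies)) {
        return $cookies;
    }
    $value = $cookies[$name];
    // "LIFESESSID[]=x" is parsed by PHP into an array, which is never a valid ID.
    if (!is_string($value) || !isValidSessionId($value)) {
        unset($cookies[$name]);
    }
    return $cookies;
}

// Constructed sample values, not taken from the reported logs.
$samples = [
    'valid'      => 'k3v9q2m7abcdEFGH0123-,',
    'empty'      => '',
    'bad chars'  => 'abc.def/ghi',
    'too long'   => str_repeat('a', MAX_SID_LENGTH + 1),
    'array form' => ['x'],
];
foreach ($samples as $label => $value) {
    $kept = dropInvalidSessionCookie([SESSION_COOKIE => $value, 'theme' => 'dark']);
    printf("%-10s => %s\n", $label, isset($kept[SESSION_COOKIE]) ? 'kept' : 'dropped');
}
```

In an application the same check would run on the incoming request's cookies before the session is first started, so a malformed ID results in a new session rather than an uncaught RuntimeException.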