8000 feature #4661 Added a short cookbook about avoiding the automatic sta… · symfony/symfony-docs@018cf3f · GitHub
[go: up one dir, main page]
Skip to content

Commit 018cf3f

Browse files
weaverryanweaverryan
committed
feature #4661 Added a short cookbook about avoiding the automatic start of the sessions (javiereguiluz)
This PR was merged into the 2.3 branch. Discussion ---------- Added a short cookbook about avoiding the automatic start of the sessions | Q | A | ------------- | --- | Doc fix? | no | New docs? | yes | Applies to | all | Fixed tickets | #2607 Besides all the usual review, I'd like to ask doc reviewers to tell me if there is some way to avoid starting the session in the last case about defining a firewall that covers all URLs. Thanks in advance! Commits ------- bbba47a Added all sugestions made by reviewers 7dd3945 Added the new cookbook article to the global map 0212779 Tweaks and rewordings to improve the article 99781f8 Added a short cookbook about avoiding the automatic start of the sessions
2 parents 208904a + bbba47a commit 018cf3f

File tree

3 files changed

+41
-1
lines changed

3 files changed

+41
-1
lines changed

cookbook/map.rst.inc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -175,6 +175,7 @@
175175
* :doc:`/cookbook/session/sessions_directory`
176176
* :doc:`/cookbook/session/php_bridge`
177177
* (configuration) :doc:`/cookbook/configuration/pdo_session_storage`
178+
* :doc:`/cookbook/session/avoid_session_start`
178179

179180
* **symfony1**
180181

cookbook/session/avoid_session_start.rst

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
.. index::
2+
single: Sessions, cookies
3+
4+
Avoid Starting Sessions for Anonymous Users
5+
===========================================
6+
7+
Sessions are automatically started whenever you read, write or even check for the
8+
existence of data in the session. This means that if you need to avoid creating
9+
a session cookie for some users, it can be difficult: you must *completely* avoid
10+
accessing the session.
11+
12+
For example, one common problem in this situation involves checking for flash
13+
messages, which are stored in the session. The following code would guarantee
14+
that a session is *always* started:
15+
16+
.. code-block:: html+jinja
17+
18+
{% for flashMessage in app.session.flashbag.get('notice') %}
19+
<div class="flash-notice">
20+
{{ flashMessage }}
21+
</div>
22+
{% endfor %}
23+
24+
Even if the user is not logged in and even if you haven't created any flash message,
25+
just calling the ``get()`` (or even ``has()``) method of the ``flashbag`` will
26+
start a session. This may hurt your application performance because all users will
27+
receive a session cookie. To avoid this behavior, add a check before trying to
28+
access the flash messages:
29+
30+
.. code-block:: html+jinja
31+
32+
{% if app.request.hasPreviousSession %}
33+
{% for flashMessage in app.session.flashbag.get('notice') %}
34+
<div class="flash-notice">
35+
{{ flashMessage }}
36+
</div>
37+
{% endfor %}
38+
{% endif %}

cookbook/session/index.rst

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,4 +7,5 @@ Sessions
77
proxy_examples
88
locale_sticky_session
99
sessions_directory
10-
php_bridge
10+
php_bridge
11+
avoid_session_start

0 commit comments

Comments
 (0)
0