Bug 107347

Summary: Konqueror does not work with PHP cookie-based sessions
Product: [Retired] Red Hat Linux Reporter: lok
Component: kdebaseAssignee: Ngo Than <than>
Status: CLOSED NOTABUG QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 9   
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-16 00:57:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description lok 2003-10-17 06:40:09 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3.1) Gecko/20030425

Description of problem:
We run a webmail system (IMP) written in PHP which uses sessions. On a
development server, I am trying to force the sessions to only use cookies, to
prevent users entering session IDS in the URL, by setting
session.use_only_cookies = 1 in php.ini. This works OK for Mozilla 1.x, Netscape
4.x and IE 5.x, (ie users are able to log in, a session is created, and there
are no issues with the session being dropped) but with Konqueror 3.1 users
cannot log in at all and the session is reported to have expired. (IMP issues
the message "Your Mail session has expired. Please login again." on the login
page, and "Session timeout for client" in its log file.

Version-Release number of selected component (if applicable):
kdebase-3.1-15

How reproducible:
Always

Steps to Reproduce:
1. Configure PHP to use session.use_only_cookies = 1
2. Access a PHP app which uses sessions with Konqueror
    

Actual Results:  User unable to log in, and an expired session message is returned.

Expected Results:  User should be able to log in.

Additional info: