Clear out duplicate session cookies created by calls to session_start()

Bug 1446036 Change-Id: I7f59b8c295a2ba6c2ffeca7bdab8899fef09bb0f

Clear out duplicate session cookies created by calls to session_start()
Bug 1446036 Change-Id: I7f59b8c295a2ba6c2ffeca7bdab8899fef09bb0f
390a6767 · Aaron Wells · 6bc4db12 · 390a6767 · 390a6767
Commit 390a6767 authored Apr 23, 2015 by Aaron Wells
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 0 deletions

htdocs/api/xmlrpc/lib.php htdocs/api/xmlrpc/lib.php +1 -0

htdocs/auth/session.php htdocs/auth/session.php +35 -0

No files found.
--- a/htdocs/api/xmlrpc/lib.php
+++ b/htdocs/api/xmlrpc/lib.php
@@ -553,6 +553,7 @@ function kill_children($username, $useragent) {
    delete_records('sso_session',
                   'userid',    $userid);

+    clear_duplicate_cookies();
    return true;
 }


--- a/htdocs/auth/session.php
+++ b/htdocs/auth/session.php
@@ -296,6 +296,9 @@ class Session {
        else {
            @session_start();
        }
+        // Anytime you call session_start() more than once, PHP will usually
+        // send out a duplicate session header.
+        clear_duplicate_cookies();
    }

    /*
@@ -332,6 +335,7 @@ class Session {
            }
            @session_start();
            session_destroy();
+            clear_duplicate_cookies();
        }
    }

@@ -434,6 +438,7 @@ function remove_user_sessions($userid) {
        session_start();
    }

+    clear_duplicate_cookies();
    delete_records_select('usr_session', 'session IN (' . join(',', array_map('db_quote', $alive)) . ')');
 }

@@ -455,3 +460,33 @@ function remove_all_sessions() {

    delete_records_select('usr_session', 'session != ?', array($sid));
 }
+
+/**
+ * Every time you call session_start(), PHP adds another
+ * identical session cookie to the response header. Do this
+ * enough times, and your response header becomes big enough
+ * to choke the web server.
+ *
+ * This method clears out the duplicate session cookies.
+ */
+function clear_duplicate_cookies() {
+    // If headers have already been sent, there's nothing we can do
+    if (headers_sent()) {
+        return;
+    }
+
+    $cookies = array();
+    foreach (headers_list() as $header) {
+        // Identify cookie headers
+        if (strpos($header, 'Set-Cookie:') === 0) {
+            $cookies[] = $header;
+        }
+    }
+    // Removes all cookie headers, not just the session one.
+    header_remove('Set-Cookie');
+
+    // Restore one copy of each cookie
+    foreach(array_unique($cookies) as $cookie) {
+        header($cookie, false);
+    }
+}