Issue status update for http://drupal.org/node/21170 Project: Drupal Version: 4.6.0 Component: other Category: bug reports Priority: normal Assigned to: kbahey Reported by: kbahey Updated by: kbahey Status: patch I am not sure which is the lesser evil: not having sessions or having session IDs in the URL. Perhaps we can add it in the settings.php as a comment ("If you still have the sessions in the URL then try this" kind of thing). kbahey Previous comments: ------------------------------------------------------------------------ April 23, 2005 - 11:47 : kbahey Attachment: http://drupal.org/files/issues/settings_0.patch (576 bytes) As per the workaround mentioned in discussion [1], the default settings.php file that is shipped does not always prevent PHP from adding the PHPSESSID in the URL. Although this is a hosting setting issue, a workaround exists for it: A patch is attached, and it just adds the following line to settings.php ini_set('url_rewriter.tags', ''); [1] http://drupal.org/node/17947#comment-36339 ------------------------------------------------------------------------ April 24, 2005 - 07:33 : Dries If this mechanism kicks in, your session ID isn't shared but the sessions probably won't work either. Is this a good idea?