[drupal-devel] [bug] settings.php change to prevent PHPSESSID in URL

Dries drupal-devel at drupal.org
Sun Apr 24 12:33:15 UTC 2005

Issue status update for http://drupal.org/node/21170

 Project:      Drupal
 Version:      4.6.0
 Component:    other
 Category:     bug reports
 Priority:     normal
 Assigned to:  kbahey
 Reported by:  kbahey
 Updated by:   Dries
 Status:       patch

If this mechanism kicks in, your session ID isn't shared but the
sessions probably won't work either.  Is this a good idea?


Previous comments:

April 23, 2005 - 18:47 : kbahey

Attachment: http://drupal.org/files/issues/settings_0.patch (576 bytes)

As per the workaround mentioned in discussion [1], the default
settings.php file that is shipped does not always prevent PHP from
adding the PHPSESSID in the URL.

Although this is a hosting setting issue, a workaround exists for it:

A patch is attached, and it just adds the following line to

ini_set('url_rewriter.tags', '');
[1] http://drupal.org/node/17947#comment-36339

More information about the drupal-devel mailing list