You are here

protected function SessionConfiguration::getName in Drupal 9

Same name and namespace in other branches
  1. 8 core/lib/Drupal/Core/Session/SessionConfiguration.php \Drupal\Core\Session\SessionConfiguration::getName()

Returns the session cookie name.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request.

Return value

string The name of the session cookie.

2 calls to SessionConfiguration::getName()
SessionConfiguration::getOptions in core/lib/Drupal/Core/Session/SessionConfiguration.php
Returns a list of options suitable for passing to the session storage.
SessionConfiguration::hasSession in core/lib/Drupal/Core/Session/SessionConfiguration.php
Determines whether a session identifier is on the request.

File

core/lib/Drupal/Core/Session/SessionConfiguration.php, line 68

Class

SessionConfiguration
Defines the default session configuration generator.

Namespace

Drupal\Core\Session

Code

protected function getName(Request $request) {

  // To prevent session cookies from being hijacked, a user can configure the
  // SSL version of their website to only transfer session cookies via SSL by
  // using PHP's session.cookie_secure setting. The browser will then use two
  // separate session cookies for the HTTPS and HTTP versions of the site. So
  // we must use different session identifiers for HTTPS and HTTP to prevent a
  // cookie collision.
  $prefix = $request
    ->isSecure() ? 'SSESS' : 'SESS';
  return $prefix . $this
    ->getUnprefixedName($request);
}