Skip to content

[HttpFoundation] Session handlers should use a lock #4976

New issue
New issue
Open
#48588
Open
[HttpFoundation] Session handlers should use a lock#4976
#48588
Labels
BugEnhancementHttpFoundationKeep open
@vicb

Description

@vicb
vicb
opened on Jul 19, 2012

The following session handlers:

  • MemcachedSessionHandler
  • MemcacheSessionHandler
  • MongoDbSessionHandler
  • PdoSessionHandler done

do not use a lock to serialize access to the session data. This might result in a data corruption / lose of data when two requests are modifying the session data at the same time.

see #4668

edit:

This is also applicable to Symfony/Bridge/Doctrine/HttpFoundation/DbalSessionHandler.php

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugEnhancementHttpFoundationKeep open

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions