Temporary hotfix to keep a single set-cookie header in sync_session

butopea · Sep 15, 2021 · 21d015b · 21d015b
1 parent 7c05aa3
commit 21d015b
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/src/catalog/controller/vsbridge/sync_session.php b/src/catalog/controller/vsbridge/sync_session.php
@@ -11,6 +11,12 @@ public function index(){
         session_abort();
         session_id($vsbridge_session_id);
         session_start();
+
+        // Temporary, edge case hotfix due to https://github.com/cloudflare/cloudflare-docs/issues/17
+        // Summary: Cloudflare workers combine set-cookie headers, but Chrome >= 88 only takes the first cookie
+        // Fix: We clear previous cookies to set the session properly
+        header_remove('Set-Cookie');
+
         $this->session->start('default', $vsbridge_session_id);
 
         // to: GET parameter determining the redirection destination