Make sure sessions are cleaned after processing a request.

Author: mathieudz

Bridges/HttpKernel.php

@@ -95,6 +95,8 @@ public function handle(ServerRequestInterface $request)
             // end buffering if we need to throw
             @ob_end_clean();
             return $response;
+        } finally {
+            $this->cleanUpSession();
         }
 
         $out = ob_get_clean();
@@ -211,20 +213,6 @@ protected function mapRequest(ServerRequestInterface $psrRequest)
      */
     protected function mapResponse(SymfonyResponse $syResponse, $stdout='')
     {
-        // end active session
-        if (PHP_SESSION_ACTIVE === session_status()) {
-            // make sure open session are saved to the storage
-            // in case the framework hasn't closed it correctly.
-            session_write_close();
-        }
-
-        // reset session_id in any case to something not valid, for next request
-        session_id('');
-
-        //reset $_SESSION
-        session_unset();
-        unset($_SESSION);
-
         $nativeHeaders = [];
 
         foreach (headers_list() as $header) {
@@ -338,4 +326,24 @@ protected function normalizeAppBootstrap($appBootstrap)
             }
         }
     }
+
+    protected function cleanUpSession()
+    {
+        // end active session
+        if (PHP_SESSION_ACTIVE === session_status()) {
+            // make sure open session are saved to the storage
+            // in case the framework hasn't closed it correctly.
+            try {
+                session_write_close();
+            } catch (\ErrorException $e) {
+            }
+        }
+
+        // reset session_id in any case to something not valid, for next request
+        session_id('');
+
+        //reset $_SESSION
+        session_unset();
+        unset($_SESSION);
+    }
 }