Open
Description
Description
The following code:
<?php
session_id('mysessionid');
session_start();
session_write_close();
session_start();Resulted in this output:
HTTP/1.1 200 OK
Date: Mon, 19 May 2025 15:51:57 GMT
Server: Apache/2.4.62 (Win64) PHP/8.4.0 mod_fcgid/2.3.10-dev
X-Powered-By: PHP/8.4.0
Set-Cookie: PHPSESSID=mysessionid; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=mysessionid; path=/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
But I expected this output instead:
HTTP/1.1 200 OK
Date: Mon, 19 May 2025 15:51:57 GMT
Server: Apache/2.4.62 (Win64) PHP/8.4.0 mod_fcgid/2.3.10-dev
X-Powered-By: PHP/8.4.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=mysessionid; path=/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
I tried with output buffering on and off. If I remove session_id() I cannot reproduce it again, but I only used it to create a reproducible example, as in the real project, it's sending duplicate headers even without it.
PHP Version
PHP 8.4 and Apache 2.4.62
> Apache/2.4.62 (Win64) PHP/8.4.0 mod_fcgid/2.3.10-dev
Operating System
Windows 10