Skip to content

[HttpKernel] Dont try to pop session cookie when headers are sent #61342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

[HttpKernel] Dont try to pop session cookie when headers are sent #61342

wants to merge 1 commit into from
+1 −1

Conversation

shyim
Copy link
Contributor

@shyim shyim commented Aug 5, 2025

Q A
Branch? 6.4
Bug fix? yes/
New feature? no
Deprecations? no
Issues Fix #...
License MIT

I am handling a request while the headers are sent (on purpose, register shutdown after fast_cgi_finish request). and this crashes because Symfony tries to pop out some cookie, but it's not possible as the headers are sent.

image

So I added an early return if the headers are sent we do nothing anymore there.

@carsonbot carsonbot added this to the 6.4 milestone Aug 5, 2025
@nicolas-grekas
Copy link
Member

This looks suspicious to me. Not something the kernel is made for.
Looking at the code, you could maybe remove the session from the request?
The best alternative seems to be to use a background task.

@shyim shyim changed the title Fix wrong boolean values Dont try to pop cookie when headers are sent Aug 5, 2025
@shyim
Copy link
Contributor Author

shyim commented Aug 5, 2025

I am trying to implement stale http cache and automatic refresh in the background. I try if putting messages into queue with the new DeduplicateStamp helps. on the highly frequently used page, it could be several hundred users at the same time idk if that works great with that.

@nicolas-grekas
Copy link
Member

See https://symfony.com/blog/new-in-symfony-5-2-async-cache-recomputing and https://symfony.com/doc/current/cache.html#computing-cache-values-asynchronously ;)

@carsonbot carsonbot changed the title Dont try to pop cookie when headers are sent [HttpKernel] Dont try to pop cookie when headers are sent Aug 5, 2025
@nicolas-grekas nicolas-grekas changed the title [HttpKernel] Dont try to pop cookie when headers are sent [HttpKernel] Dont try to pop session cookie when headers are sent Aug 5, 2025
@shyim
Copy link
Contributor Author

shyim commented Aug 6, 2025

I am now letting handling it over queue, was pain but finally works: https://github.com/shopware/shopware/pull/11739/files

nice to know async cache recomputing, but it think won't work for our complicated case. DeduplicateStamp seems broken does not work at all already existing issues there. symfony lock flock does never lock a resource, redis does lock, but never unlock. but cache stampede protection as hack for locking did worked 😂

@shyim shyim closed this Aug 6, 2025
@shyim shyim deleted the fix/dont-try-to-pop-cookie-when-header-sent branch August 6, 2025 07:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Bug HttpKernel Status: Needs Review
Projects
None yet
Milestone
6.4
Development

Successfully merging this pull request may close these issues.
3 participants
@shyim @nicolas-grekas @carsonbot
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy