Remove session ID set through REQUEST_URI

php · Jun 22, 2023 · f160eff · f160eff
1 parent 466fc78
commit f160eff
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 16 deletions.
diff --git a/NEWS b/NEWS
@@ -5,6 +5,9 @@ PHP                                                                        NEWS
 - PCRE:
   . Mangle PCRE regex cache key with JIT option. (mvorisek)
 
+- Session:
+  . Removed broken url support for transferring session ID. (ilutov)
+
 06 Jul 2023, PHP 8.1.21
 
 - CLI:

diff --git a/ext/session/session.c b/ext/session/session.c
@@ -1503,7 +1503,7 @@ PHPAPI int php_session_start(void) /* {{{ */
 {
 	zval *ppid;
 	zval *data;
-	char *p, *value;
+	char *value;
 	size_t lensess;
 
 	switch (PS(session_status)) {
@@ -1572,21 +1572,6 @@ PHPAPI int php_session_start(void) /* {{{ */
 					ppid2sid(ppid);
 				}
 			}
-			/* Check the REQUEST_URI symbol for a string of the form
-			 * '<session-name>=<session-id>' to allow URLs of the form
-			 * http://yoursite/<session-name>=<session-id>/script.php */
-			if (!PS(id) && zend_is_auto_global(ZSTR_KNOWN(ZEND_STR_AUTOGLOBAL_SERVER)) == SUCCESS &&
-				(data = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), "REQUEST_URI", sizeof("REQUEST_URI") - 1)) &&
-				Z_TYPE_P(data) == IS_STRING &&
-				(p = strstr(Z_STRVAL_P(data), PS(session_name))) &&
-				p[lensess] == '='
-				) {
-				char *q;
-				p += lensess + 1;
-				if ((q = strpbrk(p, "/?\\"))) {
-					PS(id) = zend_string_init(p, q - p, 0);
-				}
-			}
 			/* Check whether the current request was referred to by
 			 * an external site which invalidates the previously found id. */
 			if (PS(id) && PS(extern_referer_chk)[0] != '\0' &&