@matzesa opened this Issue on September 6th 2018

When I use the automatic login for Piwik I get the 'Set-Cookie'-Header twice with different 'PIWIK_SESSID'.

Example Request:

curl -i -X POST 'https://stats.example.org/index.php?module=Login&action=logme&login=your_login&password=your_MD5_password'


HTTP/1.1 302 Found
Date: Thu, 06 Sep 2018 08:28:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: PIWIK_SESSID=k3h1ibnabkjlsorvd81oc5ud74; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PIWIK_SESSID=uf95464tpqceujjce1ppt6itf2; path=/; secure; HttpOnly
X-Robots-Tag: noindex
Location: index.php?idSite=0
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Matomo-Version: 3.6.0
MySQL-Version: 5.7.23-0ubuntu0.16.04.1
PHP-Version: 7.0.30-0ubuntu0.16.04.1

@tsteur commented on September 6th 2018 Member

Moving it to 3.6.1 to try and reproduce it

@tsteur commented on September 17th 2018 Member

see discussion in #13397

This Issue was closed on September 17th 2018
Powered by GitHub Issue Mirror