rfc:session_regenerate_id

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
rfc:session_regenerate_id [2015/03/20 22:48]
yohgaki
rfc:session_regenerate_id [2015/03/21 01:23]
yohgaki
Line 7: Line 7:
   * Status: Under Discussion   * Status: Under Discussion
   * First Published at: http://​wiki.php.net/​rfc/​session_regenerate_id   * First Published at: http://​wiki.php.net/​rfc/​session_regenerate_id
 +  * Renamed: https://​wiki.php.net/​rfc/​precise_session_management
  
 ===== Introduction ===== ===== Introduction =====
 +
 +**This RFC is renamed**. Refer to the latest
 +
 +https://​wiki.php.net/​rfc/​precise_session_management
 +
 +
  
 Keeping HTTP session as secure as possible is what the session manager'​s task. **Session manager can improve HTTP session security without user code modification while keeping compatibility with existing applications.** Please note that this RFC is for session manager behavior. Keeping HTTP session as secure as possible is what the session manager'​s task. **Session manager can improve HTTP session security without user code modification while keeping compatibility with existing applications.** Please note that this RFC is for session manager behavior.
Line 135: Line 142:
  
  
-===== Proposed Voting Choices ​=====+===== Vote =====
  
-  * Add __SESSION_DESTORY_TTL__ time stamp Yes/No+  * Add <​nowiki>​__SESSION_DESTORY_TTL__</​nowiki> ​time stamp Yes/No
  
  
Line 147: Line 154:
  
   * http://​us3.php.net/​session_regenerate_id   * http://​us3.php.net/​session_regenerate_id
 +  * https://​bugs.php.net/​bug.php?​id=69127 (Bug report)
 +  * https://​wiki.php.net/​rfc/​session-lock-ini#​proposal_4_-_lazy_destroy (Previous attempt)
  
 ===== ChangeLog ===== ===== ChangeLog =====
rfc/session_regenerate_id.txt · Last modified: 2017/09/22 13:28 (external edit)