symfony
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
+3Lines changed: 3 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
+3Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
+13-3Lines changed: 13 additions & 3 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
+13-3Lines changed: 13 additions & 3 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
+6-2Lines changed: 6 additions & 2 deletions b/‎src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
+6-2Lines changed: 6 additions & 2 deletions
@@ -389,6 +389,9 @@ public function setOptions(array $options)
                     $this->emulateSameSite = $value;
                     continue;
                 }
+                if ('cookie_secure' === $key && 'auto' === $value) {
+                    continue;
+                }
                 ini_set('url_rewriter.tags' !== $key ? 'session.'.$key : $key, $value);
             }
         }
 
@@ -14,6 +14,7 @@
 use Psr\Container\ContainerInterface;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 
 /**
  * Sets the session in the request.
@@ -33,10 +34,12 @@ public function __construct(ContainerInterface $container)
         $this->container = $container;
     }
 
-    protected function getSession(): ?SessionInterface
+    public function onKernelRequest(GetResponseEvent $event)
     {
-        if (!$this->container->has('session')) {
-            return null;
+        parent::onKernelRequest($event);
+
+        if (!$event->isMasterRequest() || !$this->container->has('session')) {
+            return;
         }
 
         if ($this->container->has('session_storage')
@@ -46,6 +49,13 @@ protected function getSession(): ?SessionInterface
         ) {
             $storage->setOptions(['cookie_secure' => true]);
         }
+    }
+
+    protected function getSession(): ?SessionInterface
+    {
+        if (!$this->container->has('session')) {
+            return null;
+        }
 
         return $this->container->get('session');
     }
 
@@ -59,7 +59,7 @@ public function testSessionIsSet()
         $listener = new SessionListener($container);
 
         $event = $this->createMock(RequestEvent::class);
-        $event->expects($this->once())->method('isMasterRequest')->willReturn(true);
+        $event->expects($this->exactly(2))->method('isMasterRequest')->willReturn(true);
         $event->expects($this->once())->method('getRequest')->willReturn($request);
 
         $listener->onKernelRequest($event);
@@ -203,12 +203,16 @@ public function testGetSessionIsCalledOnce()
         $listener = new SessionListener($container);
         $listener->onKernelRequest($event);
 
+        // storage->setOptions() should have been called already
+        $container->set('session_storage', null);
+        $sessionStorage = null;
+
         $subRequest = $masterRequest->duplicate();
         // at this point both master and subrequest have a closure to build the session
 
         $masterRequest->getSession();
 
-        // calling the factory on the subRequest should not trigger a second call to storage->sesOptions()
+        // calling the factory on the subRequest should not trigger a second call to storage->setOptions()
         $subRequest->getSession();
     }
 }
Original file line number	Diff line number	Diff line change
`@@ -389,6 +389,9 @@ public function setOptions(array $options)`
`389`	`389`	`$this->emulateSameSite = $value;`
`390`	`390`	`continue;`
`391`	`391`	`}`
	`392`	`+ if ('cookie_secure' === $key && 'auto' === $value) {`
	`393`	`+ continue;`
	`394`	`+ }`
`392`	`395`	`ini_set('url_rewriter.tags' !== $key ? 'session.'.$key : $key, $value);`
`393`	`396`	`}`
`394`	`397`	`}`