Closed
Description
In #13048 session migration was changed so that the old session data are deleted immediately.
The PHP docs in https://secure.php.net/manual/en/features.session.security.management.php state multiple times that this is not the right thing to do, but old session data should be kept for a short while to avoid side effects (concurrency/unstable network).
I did not perceive concrete problems with the current implementation but noted the contradictions between PHP docs and Symfony implementation and wondered if this was done on purpose (although I couldn't find any discussion on that topic).
In short: Can the current implementation be considered correct or good enough or should the regeneration process be improved?
Metadata
Metadata
Assignees
Labels
RFC = Request For Comments (proposals about features that you want to be discussed)RFC = Request For Comments (proposals about features that you want to be discussed)