Magento 2: Cookie Behavior

astorm

Frustrated by Magento? Then you’ll love Commerce Bug, the must have debugging extension for anyone using Magento. Whether you’re just starting out or you’re a seasoned pro, Commerce Bug will save you and your team hours everyday. Grab a copy and start working with Magento instead of against it.

Updated for Magento 2! No Frills Magento Layout is the only Magento front end book you'll ever need. Get your copy today!

Programming Quickies

Quick dispatches from the life of a working programmer.

I’m seeing some behavior in Magento 2’s cookie management that has my “I’ve been at this too long” hackles raised.

Different areas (adminhtml, frontend) still have separate session cookies, but the adminhtml area’s is named admin, and the frontend area’s uses the default PHPSESSID. It’s unclear is the sessions are actually tie to areas though (needs more investigating)
I’m seeing cookies created with both the .example.com and example.com domain name within a single area
The admin session cookies seems to actually use the “path” parameter

Magento 1’s cookie naming wasn’t my favorite – the explicit domain name thing has been a problem for a while, but Magento 2’s seem a step back. I anticipate small pain in the behind bugs when dealing with extensions that use cookies, as well as integrating proxy services like CloudFlare that rely on setting cookies.

Programming Quickies

Permalink: https://alanastorm.com/magento-2-cookie-behavior/

Originally Posted: 10th December 2015

Categories

Archives

Recent Posts

Categories

Magento 2: Cookie Behavior

Programming Quickies

astorm