Use meta refresh instead of 302 redirect on new session

Attempting to fix missing session cookie in some versions of Android webview and Chrome. This may or may not be of any use, but why not try? See https://bugs.chromium.org/p/chromium/issues/detail?id=150066
2026-04-02 01:52:10 +09:00 · 2017-02-16 11:53:20 +09:00 · 2017-02-16 11:53:20 +09:00 · cbae2c374e
commit cbae2c374e
parent 5afa29484c
2 changed files with 14 additions and 2 deletions
--- a/classes/module/ModuleHandler.class.php
+++ b/classes/module/ModuleHandler.class.php
@ -949,8 +949,18 @@ class ModuleHandler extends Handler
 		{
 			if($_SESSION['XE_VALIDATOR_RETURN_URL'])
 			{
-				header('location: ' . $_SESSION['XE_VALIDATOR_RETURN_URL']);
-				return;
+				if ($_SESSION['is_new_session'])
+				{
+					ob_end_clean();
+					echo sprintf('<html><head><meta charset="UTF-8" /><meta http-equiv="refresh" content="0; url=%s" /></head><body></body></html>', escape($_SESSION['XE_VALIDATOR_RETURN_URL']));
+					return;
+				}
+				else
+				{
+					ob_end_clean();
+					header('location: ' . $_SESSION['XE_VALIDATOR_RETURN_URL']);
+					return;
+				}
 			}

 			// If error occurred, handle it
--- a/common/framework/session.php
+++ b/common/framework/session.php
@ -214,6 +214,7 @@ class Session
 		}
 		else
 		{
+			$_SESSION['is_new_session'] = false;
 			return true;
 		}
 	}
@ -374,6 +375,7 @@ class Session
 		$_SESSION['RHYMIX']['secret'] = Security::getRandom(32, 'alnum');
 		$_SESSION['RHYMIX']['tokens'] = array();
 		$_SESSION['is_webview'] = self::_isBuggyUserAgent();
+		$_SESSION['is_new_session'] = true;
 		$_SESSION['is_logged'] = false;
 		$_SESSION['is_admin'] = '';