You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
minor #4964 link to the cookbook article on avoiding to start a session (dbu)
This PR was merged into the 2.3 branch.
Discussion
----------
link to the cookbook article on avoiding to start a session
resolve the todo now that #4661 is merged
Commits
-------
e66aac7 link to the cookbook article on avoiding to start a session
Copy file name to clipboardExpand all lines: cookbook/cache/varnish.rst
+4-5
Original file line number
Diff line number
Diff line change
@@ -72,11 +72,10 @@ If you know for sure that the backend never uses sessions or basic
72
72
authentication, have varnish remove the corresponding header from requests to
73
73
prevent clients from bypassing the cache. In practice, you will need sessions
74
74
at least for some parts of the site, e.g. when using forms with
75
-
:ref:`CSRF Protection <forms-csrf>`. In this situation, make sure to only
76
-
start a session when actually needed, and clear the session when it is no
77
-
longer needed. Alternatively, you can look into :doc:`../cache/form_csrf_caching`.
78
-
79
-
.. todo link "only start a session when actually needed" to cookbook/session/avoid_session_start once https://github.com/symfony/symfony-docs/pull/4661 is merged
75
+
:ref:`CSRF Protection <forms-csrf>`. In this situation, make sure to
76
+
:doc:`only start a session when actually needed </cookbook/session/avoid_session_start>`
77
+
and clear the session when it is no longer needed. Alternatively, you can look
78
+
into :doc:`/cookbook/cache/form_csrf_caching`.
80
79
81
80
Cookies created in Javascript and used only in the frontend, e.g. when using
82
81
Google analytics are nonetheless sent to the server. These cookies are not
0 commit comments