Asked  8 Months ago    Answers:  5   Viewed   32 times

Using Google Chrome, I'm seemingly losing/corrupting session data when navigating between pages (PHP 5.0.4, Apache 2.0.54). The website works perfectly fine in IE7/8, Firefox, Safari & Opera. The issue is only with Google Chrome.

I narrowed down the problem. I'm using search friendly URL's, and hiding my front controller (index.php) via a .htaccess file. So the URL looks like: Here's the .htaccess file contents:

Options +FollowSymlinks 
RewriteEngine on
#allow cool urls 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule ^(.*) index.php [L] 
#allow to have Url without index.php 

If I remove the .htaccess file, and expose the front controller in the URL:, Chrome works perfectly fine.

Any thoughts ideas? I'm thinking it's some kind of problem with how Chrome identifies what cookie to use and send to the server? This happens in Chrome 4 & 5. Thanks!



I had the same issue, and to fix it I only had to create a favicon.ico and place it in the webroot - otherwise I could see using Fiddler that a 404 resulted for this with every page request from Chrome (despite me not actually linking to a favicon in the page markup).

In my mind this is clearly a bug in Chrome, as the lack of a favicon should have no bearing on session data.

Wednesday, March 31, 2021
answered 8 Months ago

OK. I've triple-tested this and I am 100% sure that it is being caused by my anti-virus (ESET NOD32 ANTIVIRUS 5).

Whenever I disable the Real-Time protection, the issue disappears. Today, I left the Real-Time protection off for 6-7 hours and the issue never occurred.

A few moments ago, I switched it back on, only for the problem to surface within a minute.

Over the course of the last 24 hours, I have switched the Real-Time protection on and off again, just to be sure. Each time - the result has been the same.

Update: I have come across another developer who had the exact same problem with the Real-Time protection on his Kaspersky anti-virus. He disabled it and the problem went away. i.e. This issue doesn't seem to be limited to ESET.

Wednesday, June 2, 2021
answered 5 Months ago

I'm guessing you're using Forms Authentication. The trick here is to ensure that your Forms Authentication expires before the session does.

I wrote about this in this answer here:

How to redirect to LogIn page when Session is expired (ASP.NET 3.5 FormsAuthen)

For example:

Configure your Forms Authentication - this sets the timeout to 60 minutes:

<authentication mode="Forms">
    <forms defaultUrl="~/Default.aspx"
        timeout="60" />

Extend Session expiry to a longer time:


In your Login.aspx code behind you could also do a Session.Clear(); to remove stale session data before assigning session values.

Monday, August 2, 2021
answered 3 Months ago

Origin null is not allowed by Access-Control-Allow-Origin means that you are trying to perform Ajax on a local file. This is forbidden for security reasons. Even if this was not the case, your PHP wouldn't run because PHP is supported by web servers, not web browsers.

You have a web server installed. You have to request your pages through the server, rather than accessing them directly from your file system.

Use a URL starting with http://localhost/

You will need to move your files so that they are under the server's DocumentRoot (or reconfigure the server so that it can access them from their present location).

Thursday, August 19, 2021
answered 3 Months ago

Use: and press enter/control+K

and after this, even if you try / google and press control+K, it'll work and won't redirect to

Sunday, August 22, 2021
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :