framework: Session variables are not saved in Internet Explorer 11

First request (Chrome):

Session::put('foo', 'bar');
var_dump(Session::all());

Output:

array (size=4)
  '_token' => string '...' (length=40)
  'flash' => 
    array (size=2)
      'old' => 
        array (size=0)
          empty
      'new' => 
        array (size=0)
          empty
  'foo' => string 'bar' (length=3)

Second request:

//Session::put('foo', 'bar');
var_dump(Session::all());

Output: Same as before

First request (Internet Explorer):

Session::put('foo', 'bar');
var_dump(Session::all());

Output:

array (size=2)
  '_token' => string '...' (length=40)
  'foo' => string 'bar' (length=3)

Second request (Internet Explorer):

//Session::put('foo', 'bar');
var_dump(Session::all());

Output:

array (size=1)
  '_token' => string '...' (length=40)

As you can see, IE is not adding the flash array on the first request nor saving foo to the second request. Why? Cookies works fine. Session doesn’t.

I’m using the latest version of Laravel 4.1.

About this issue

  • Original URL
  • State: closed
  • Created 11 years ago
  • Reactions: 2
  • Comments: 54 (7 by maintainers)

Most upvoted comments

IE sucks

+27
jeroendesloovere on Nov 20, 2015

I doubt my solution applies to a lot of people, but in our case we were using an underscore in the subdomain name (some_subdomain.domain.url), which is technically not allowed in some spec (HTML? working from memory here) but IE is the only browser to honor that restriction, and it does so by not allowing cookies to be stored from those subdomains. No cookies = no Laravel session = things like Input::flash and Session::flash don’t work. We renamed the subdomain to some-subdomain.domain.url and everything magically started working.

+18
tmountjr on Jul 18, 2014

I have the same problem, in my case it turns out IE silently drops cookies if the server time is in the past respect to the time in the client machine… The time in the server was OK, the time in the client not…

I think the better way to solve this issue is drop IE of this planet.

+5
edgar-orozco on Nov 20, 2015

I fixed it by changing this parameter in the app/session.php ‘expire_on_close’ => false, to ‘expire_on_close’ => true,

Odd…

+3
aranere on Apr 24, 2014

fuck IE

+2
liu923014086 on Mar 13, 2019

@SturmB Thank you for your informations!! That is what I found out right now. It has something to do with the time difference, I am still trying to find a solution without manually re-syncing.

+2
lefrancois on Mar 20, 2018

My problem was that my Virtualbox server used a different time then my Host. It works now when I synced the time on the server.

+2
Marwelln on Dec 30, 2013

I’m getting the TokenMismatchException in IE11 with L5.5, even after trying the fix proposed by @briedis, @robincsamuel, and @divostar. What now?

+1
SturmB on Oct 26, 2017

I’m working in L5.4, I added the middleware written by @divostar (in comments above) and it worked 👏

+1
blogui91 on Sep 14, 2017

Same problem confirmed and possible fault found.

My situation is that I show my page in a iframe on a different domain. I did some debugging, and it seems that IE (and Safari, probably) doesn’t pass cookies to iframe, so a new session is made each time.

It looks like the classic IE/Safari Iframe cookie problem.

Can others affected with this problem confirm this, that cookies aren’t passed?

+1
briedis on Aug 22, 2014
Read more comments on GitHub
← framework: Session store not set on request.
framework: SoapFault exception cannot be caught when using SoapClient in Laravel →