I have a xenforo site set up on /xenforo, that I upgraded from a site that was running on /forum. I enabled the link redirect.
When I log into to xf, I see something like this in the response headers:
Set-Cookie: xf_user=1%2Ck2MAMXb_Biy2FIOSE-xpdONSTdNNP8MoLYYWKhKS; expires=Sat, 26-Dec-2020 17:03:32 GMT; Max-Age=31536000; path=/; HttpOnly
Set-Cookie: xf_session=QBjr11rwSNkxmYFrlxfzS2fMKJ6vxIRU; path=/; HttpOnly
If a redirect link is opened on /forum/showthread.php?...., and I look at the "Cookie" header, it lacks the xf_session. If this redirect is to a document that is not publicly accessible, it fails.
Question is - why does the session cookie not work in /forum even though path=/?
When I log into to xf, I see something like this in the response headers:
Set-Cookie: xf_user=1%2Ck2MAMXb_Biy2FIOSE-xpdONSTdNNP8MoLYYWKhKS; expires=Sat, 26-Dec-2020 17:03:32 GMT; Max-Age=31536000; path=/; HttpOnly
Set-Cookie: xf_session=QBjr11rwSNkxmYFrlxfzS2fMKJ6vxIRU; path=/; HttpOnly
If a redirect link is opened on /forum/showthread.php?...., and I look at the "Cookie" header, it lacks the xf_session. If this redirect is to a document that is not publicly accessible, it fails.
Question is - why does the session cookie not work in /forum even though path=/?