Session Usage

  • Resolved Imagekalixhealth

    (@kalixhealth)


    4 months, 3 weeks ago

    We use the Meta pixel on our site, and it looks like when the POST ?ob=open-bridge/events endpoint is hit, the PHPSESSID cookie is added (as per below):

    Set-Cookie PHPSESSID=25ff71c3ec6e11ecf369ca68dafb3c38; expires=Thu, 25 Dec 2025 08:02:33 GMT; Max-Age=7776000; path=/; domain=kalixhealth.com; HttpOnly; SameSite=lax

    Is there any way to disable the use of session for this plugin? If not, how can we make sure it is a ‘Secure’ cookie at the very least?

    Cheers,

    Felix

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support ImageMarija

    (@marijastuntcoders)

    4 months, 3 weeks ago

    Hi @kalixhealth – thank you for reaching out!

    We are looking into this and will let you know as soon as we have an update.

    Kind regards,
    Marija

    Thread Starter Imagekalixhealth

    (@kalixhealth)

    4 months, 3 weeks ago

    Hi,

    It would be good to know what sort of information is stored in the session. If an external party gained access to the session, would that give access to sensitive information?

    Cheers,
    Felix

    Plugin Support ImageMarija

    (@marijastuntcoders)

    4 months, 2 weeks ago

    Hi @kalixhealth ,

    Only the guid, which is essentially the external_id is saved in the session, as it’s used to identify the events. So, rest assured that no sensitive data is being stored, or could be accessed by a third party.

    Please let us know if you have any other questions.

    Kind regards,
    Marija

    Plugin Support ImageMarija

    (@marijastuntcoders)

    4 months, 1 week ago

    Hi @kalixhealth ,

    Since we haven’t heard back from you in a while, we will be marking this issue as resolved. Please feel free to reach out again if you need further assistance.

    Kind regards,
    Marija

Viewing 4 replies - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.