CakePHP logging out if GET request is cross-site

  Uncategorized

Our client has an app working in CakePHP 1.2.5.

We developed another site to help with the branding, which will work as the main site, while the CakePHP will work as the "client area".

My issue stands in the login functionality. If I login in the CakePHP site, everything works fine, but if I click on a link that directs me from the main site to the CakePHP site, my session gets destroyed.

The same doesn’t happen if I enter the site with a direct link, so my session is not destroyed.

Any way I can prevent this?
Thanks in advance.

Source: CakePHP

LEAVE A COMMENT