sessionRotate

Creates a new session (using new session ids) and copies session scope into this new session, then invalidates the old session. Used after a valid login to prevent session fixation.

sessionRotate() → returns void

  1. CFDocs
  2. Functions
  3. ColdFusion 10 New Functions and Tags
  4. sessionRotate
  5. CF10+
  6. Lucee
  7. BoxLang 1.0.0+
  8. 0 Issue
  9. Edit
See Also:   sessioninvalidate

Compatibility

ColdFusion:

Version 10+ Does not rotate jsessionid when JEE sessions are enabled, only works with ColdFusion sessions (CFID,CFTOKEN).

Links more information about sessionRotate

Examples
Sample code invoking the sessionRotate function

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub