sessionRotate

Creates a new session (using new session ids) and copies session scope into this new session, then invalidates the old session. Used after a valid login to prevent session fixation.

sessionRotate() → returns void

  1. CFDocs
  2. Functions
  3. ColdFusion 10 New Functions and Tags
  4. sessionRotate
  5. CF10+
  6. Lucee
  7. 0 Issue
  8. Edit
See Also:   sessioninvalidate

Compatibility

ColdFusion:

Version 10+ Does not rotate jsessionid when JEE sessions are enabled, only works with ColdFusion sessions (CFID,CFTOKEN).

Links more information about sessionRotate

Examples
Sample code invoking the sessionRotate function

Fork me on GitHub