SessionManager::sessionExists() considers headers_sent() === true as evidence of session #123
Description
Bug Report
| Q | A |
|---|---|
| Version(s) | 2.16.0 |
Summary
I'm not quite the original motivation but when ::sessionExists() looks for evidence of a session, it considers headers_sent() === true as sufficient proof... except there are plenty of valid reasons for having output already sent to the client or console, e.g. during PHPUnit tests.
Current behavior
headers_sent() is evidence of a session being present, probably for very old Internet reasons.
How to reproduce
Run a test with PHPUnit (not run in an isolated environment - yes this is a workaround but not a good one) and headers_sent() will always be true, which means the session manager goes astray thinking we already have an active session.
Expected behavior
We remove this check and allow the other, less flaky, tests remain.