Symfony version(s) affected

4.4.7 and upwards

Description

I'm encountering the same issue as described in #46993.

The issue is that Drupal implements Drupal\Core\Session\WriteSafeSessionHandler (view file) which extends \SessionHandlerInterface, causing \Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy to fallback to 'user' save handler name despite of the patch of that very issue.

How to reproduce

I don't know how I could explain to you how to reproduce this issue since I was working with a Drupal 9 project.

I would like to know whether the choice of using \SessionHandler opposed to \SessionHandlerInterface was made on purpose in that issue merged patch, because I'm now experiencing an issue with Drupal 9.5.9 which relies on symphony/http-foundation:^4.4.7.

Possible Solution

I was able to fix my issue by replacing \SessionHandlerProxy with \SessionHandlerInterface instead in:

• StrictSessionHandler.php#L40
• SessionHandlerProxy.php#L26

Knowing that PHP \SessionHandler implements \SessionHandlerInterface: https://www.php.net/manual/en/class.sessionhandler.php#sessionhandler.synopsis

Additional Context

No response