Project

General

Profile

Actions

Support #14384

open

Session ID in URL

Added by Achim Reutelsterz about 2 months ago. Updated 25 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
03/10/2026
Due date:
% Done:

0%

Estimated time:

Description

Is there any way to hide the session id in the url although "reload-is-new-session" is set to "false"?
My wt_config.xml looks like follows:

...
Auto
false
false
false
...

I can see that a cookie is set in the browser and the application also does receive the cookie.
The session id always stays in the url unless i set "reload-is-new-session" to "true" but thats not what I want.
I'm using WT 4.12.5 with wthttp connector.


Files

sessionIdInUrl.png (8.2 KB) sessionIdInUrl.png Achim Reutelsterz, 04/07/2026 01:29 PM
noSessionIdInUrl.png (5.29 KB) noSessionIdInUrl.png Achim Reutelsterz, 04/07/2026 01:29 PM
wt_config.xml (44.8 KB) wt_config.xml Achim Reutelsterz, 04/07/2026 01:29 PM
Actions #1

Updated by Achim Reutelsterz about 2 months ago

It seems my configure option from wt_config.xml doesn't get showed up. So here again:

tracking=Auto
reload-is-new-session=False
session-id-cookie=false
cookie-checks=false

Actions #2

Updated by Romain Mardulyn about 1 month ago

Hi Achim,

Where is the url you are talking about?

Is it in the logs or in the url bar of the browser?

Actions #3

Updated by Achim Reutelsterz about 1 month ago

Hi Romain,

I'm talking about the url bar in the browser.

Actions #4

Updated by Romain Mardulyn 29 days ago

I do not manage to reproduce your issue.

Are these the only option you changed?

What browser are you using and are you using special options?

Do you have a small test case that reproduces the bug?

Updated by Achim Reutelsterz 25 days ago

Hi Romain,

yes, those are the only options I set. All other options are set to their default values. I've attached my wt_config.xml.
I've tested it with several Browsers (Edge, Chrome, Firefox) and no special options are set.
The issue occurs on every app I run, including the wt examples from you.

So maybe it is not a bug but rather a misunderstanding on my side.
Our customer doesn't want to see the session id in the url for security reasons. But setting "reload-is-new-session" to true is not an option for us.
So the question is: Is there any way to get rid of the session id in the url in this case?

Actions

Also available in: Atom PDF