PHP+Nginx query resetting Session Cookie?

[Guest]

so i dont know whats really going on here, but its confusing the hell out of me.

so i set an NGINX+PHP-FPM server, with all my needed extinctions.

I get this url from facebook:

https://***/posts/?post=**UUIDv4***&fbclid=****

 

nothing weird about the URL but when i open the URL, my PHP session changes, along with a logout of my user.

when i refresh the screen after that URL is used, it does logout again.

nginx conf:
 

server {
        root /***/;
        index index.php;
        server_name ***;
        location / {
#                try_files $uri $uri/ =404;
                        try_files $uri $uri/ /index.php$uri$is_args$args;
        }
        location /posts/ {
#                    try_files $uri $uri/ @rewrites;
        }
        # pass PHP scripts to FastCGI server
        #
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        }
        location @rewrites {
         rewrite ^/posts/(?<id>[a-zA-Z0-9]+)$ /posts/?post=$id;
        }
#below here is SSL stuff for Certbot
}

the server is Behind a proxy: (the proxy config)
 

server {
        server_name ***;
        location / {
                proxy_pass "https://192.168.0.155:443";
                proxy_set_header HTTP_Country-Code US;
                proxy_pass_request_headers on;
                proxy_set_header Host $host;
                proxy_set_header   X-Real-IP          $remote_addr;
                proxy_set_header   X-Forwarded-Proto  $scheme;
                proxy_set_header   X-Forwarded-For    $proxy_add_x_forwarded_for;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_cache_bypass $http_upgrade;
                proxy_set_header Connection 'upgrade';
        }
#below here is SSL stuff for Certbot
}

PHP session settings:

main issue: When using other than ?post= queries, the session expires, and i dont know why.

 

 

i can provide any more details, just let me know

[wasab]

Open your browser, check the sites storage. Do you see a session there?

[Guest]

4 hours ago, wasab said:

Open your browser, check the sites storage. Do you see a session there?

after the refresh with the "URL" (poorly worded i might add) the session refreshed.

 

the issue was due to 

session.use_strict_mode, as when this is on, it errors