MDVA-41136: Expiration date of mage-cache-sessid is not extended
The MDVA-41136 patch solves the issue where the expiration date of the
mage-cache-sessid cookie is not extended, resulting in customer data cleanup. This patch is available when the Quality Patches Tool (QPT) 1.1.12 is installed. The patch ID is MDVA-41136. Please note that the issue is scheduled to be fixed in Adobe Commerce 2.4.5.
Affected products and versions
The patch is created for Adobe Commerce version:
- Adobe Commerce (all deployment methods) 2.4.2
Compatible with Adobe Commerce versions:
- Adobe Commerce (all deployment methods) 2.3.0 - 2.4.3-p1
The patch might become applicable to other versions with new Quality Patches Tool releases. To check if the patch is compatible with your Adobe Commerce version, update the
magento/quality-patches package to the latest version and check the compatibility on the QPT landing page. Use the patch ID as a search keyword to locate the patch.
The expiration date of the
mage-cache-sessid is not extended, resulting in customer data cleanup.
Steps to reproduce:
- In the Commerce Admin, go to Stores > Configuration > Web > Default Cookie Settings > and set Cookie Lifetime to 60.
- Log in as a customer on the storefront.
- Go to My account.
- Reload the page after 30 seconds.
The customer's name in the header is displayed.
The customer's name in the header is missing and the Default welcome msg! message is displayed.
Apply the patch
To apply individual patches, use the following links depending on your deployment method:
To learn more about Quality Patches Tool, refer to:
For info about other patches available in QPT, refer to Patches available in QPT in our developer documentation.