With database based sessions, when a user (or bot) posts a large amount of data to any page with a form an exception is thrown. When redirecting back withInput() the laravel session middleware will attempt to save the full session including the posted data in the input old section which results in the following SQL error reported in the logs.
/vendor/laravel/framework/src/Illuminate/Database/Connection.php:664, PDOException(code: 22001): SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'payload' at row 1 at /vendor/laravel/framework/src/Illuminate/Database/Connection.php:483
Unfortunately because this error is not easily distinguishable from any other similar SQL error it currently cannot be ignored / filtered out by the middleware.
Can the framework instead throw a new exception type to indicate the session save failed when the session fails to save?
That way we could ignore (or catch) the new type of exception and not have the logs filled with the session errors.
Simple Test Case
Install Laravel and set session type to database in the config
Description
With database based sessions, when a user (or bot) posts a large amount of data to any page with a form an exception is thrown. When redirecting back withInput() the laravel session middleware will attempt to save the full session including the posted data in the input old section which results in the following SQL error reported in the logs.
/vendor/laravel/framework/src/Illuminate/Database/Connection.php:664, PDOException(code: 22001): SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'payload' at row 1 at /vendor/laravel/framework/src/Illuminate/Database/Connection.php:483
Unfortunately because this error is not easily distinguishable from any other similar SQL error it currently cannot be ignored / filtered out by the middleware.
Can the framework instead throw a new exception type to indicate the session save failed when the session fails to save?
That way we could ignore (or catch) the new type of exception and not have the logs filled with the session errors.
Simple Test Case