Fix: Magento 2 core bug wipes your client’s sessions

There is no better way to test any piece of software than just using it on a daily basis. Working with multiple projects at the same time means that you’re likely to utilize every facet of the application. That is what we usually do in Scandiweb.

Recently, a few projects were experiencing a shared problem and the owners became worried. Some merchants may never spot such an issue, due to slow servers, but nevertheless, it is still present in all Magento installations since version 2.1.0 and an official patch is not yet released!

The Magento 2 core bug

You might or might not be satisfied with the new Magento checkout. However, no merchant is happy when their customers are finalizing purchase orders, ready to pay for products and suddenly see an empty cart. In some cases, this is not critical. But in those, where customer experience is of vital importance, and customers are expecting high-quality service, this issue is very significant. This is why some clients reported the same critical issue, within a single time period.


Multiple fast reloads on the checkout page is the most straightforward way to replicate the issue. Just be sure to have some products in your cart. If, after 5–10 reloads, your cart shows up as empty — congratulations, you have replicated the bug.


The reason for the cart being emptied is simple — your session just became rewritten by a new one. When race conditions occur, Magento is unable to fetch your existing version and initializes a new one, sending corresponding headers to your browser. It is at this moment, that the client is entering all the cart details, only to get redirected and see a “Your cart is empty!” message.


Digging the internet, in search for a solution, we found out the issue is already known and confirmed by the Magento team. However, at that time, there was no information on the bugfix release. It then turned out not to be included in the 2.2.4 release and is scheduled only for 2.2.5. We could not wait for such a long time and made a custom solution out of the suggestions and own knowledge.

Today we are sharing this solution — it’s available on BitBucket or via Composer for an even quicker and more convenient installation.


The package is fixing the issue out of the box by registering a Plugin that wraps original methods. According to the reported issue, the bug is present starting from Magento 2.1.0 and will be officially fixed in version 2.2.5/2.3.0, which is the reason why we have added limited Magento version requirements to our package.


1. Add our repository to your composer.json:

“repositories”: [


    “type”: “vcs”,

    “url”: “”



2. Require scandiweb/sessionfix dependency via Composer:

composer require scandiweb/sessionfix

3. Flush caches and enjoy!

This time Scandiweb hasn’t invented anything new per se. We took ready available knowledge, compiled it and made a solution — a quick, helpful and easy-to-use fix, without the worries and overhead related to core bugs! We hope you can put it to good use!

If you have any questions or encounter any problems, contact us at [email protected] and check out our Magento support and maintenance services!

If you enjoyed this post, you may also like