Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-71319

Guest user calls to extend_session every second if LFR_SESSION_STATE cookie value can not be got

    Details

      Description

      If you disable cookies in your browser and access to any Liferay page, without sign in (in fact, you can not, because you need enable cookies for that), you'll see how every single second a POST to /c/portal/extend_session is made.

      Steps to reproduce
      1.- Disable cookies in your browser
      2.- Access to any page in your Liferay Server
      3.- Open network tab in browser console

      Expected result
      You can see normal traffic

      Actual result
      Every second there is a request to /c/portal/extend_session.

      Root cause
      This is happening because we use the cookie LFR_SESSION_STATE_

      {userId}

      to store the timestamp of the moment when the session started, and later (every second according to the interval we defined in session.js) we use that value to figure out how long the session has been active. If we can not get the value, we set default value: 0, and that provokes the recurrent calls to extend_session until you close the browser.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  2 years, 33 weeks, 4 days ago

                  Packages

                  Version Package
                  6.2.X EE
                  7.0.0 DXP FP13
                  7.0.0 DXP SP3
                  7.0.3 CE GA4
                  7.0.X EE
                  7.1.X
                  Master