Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-71319

Guest user calls to extend_session every second if LFR_SESSION_STATE cookie value can not be got

Details

    Description

      If you disable cookies in your browser and access to any Liferay page, without sign in (in fact, you can not, because you need enable cookies for that), you'll see how every single second a POST to /c/portal/extend_session is made.

      Steps to reproduce
      1.- Disable cookies in your browser
      2.- Access to any page in your Liferay Server
      3.- Open network tab in browser console

      Expected result
      You can see normal traffic

      Actual result
      Every second there is a request to /c/portal/extend_session.

      Root cause
      This is happening because we use the cookie LFR_SESSION_STATE_

      {userId}

      to store the timestamp of the moment when the session started, and later (every second according to the interval we defined in session.js) we use that value to figure out how long the session has been active. If we can not get the value, we set default value: 0, and that provokes the recurrent calls to extend_session until you close the browser.

      Attachments

        Issue Links

          Activity

            People

              hong.zhao Hong Zhao (Inactive)
              antonio.ortega Antonio Ortega
              Kiyoshi Lee Kiyoshi Lee
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                5 years, 28 weeks, 1 day ago

                Packages

                  Version Package
                  6.2.X EE
                  7.0.0 DXP FP13
                  7.0.0 DXP SP3
                  7.0.3 CE GA4
                  7.0.X EE
                  7.1.X
                  Master