Project

General

Profile

Download (3.15 KB)

Feature #7598 » 0004-Limit-weakSessionIds-support-to-http-connector.patch

Bruce Toll, 06/08/2020 02:14 PM

View differences:

src/Wt/WApplication.C
static unsigned long seq = 0;
if (resource->internalPath().empty())
return session_->mostRelativeUrl(fn, WebSession::SessionOption::UseWeakSessionId)
if (resource->internalPath().empty()) {
// We generally want to use a weak session id for resources...
WebSession::SessionOption sessionOption =
WebSession::SessionOption::UseWeakSessionId;
// Unless the connector does not support weak session ids
if (!environment().server()->weakSessionIdEnabled())
sessionOption = WebSession::SessionOption::UseSessionId;
return session_->mostRelativeUrl(fn, sessionOption)
+ "&request=resource&resource=" + Utils::urlEncode(resource->id())
+ "&rand=" + std::to_string(seq++);
else {
} else {
fn = resource->internalPath() + fn;
if (!session_->applicationName().empty() && fn[0] != '/')
fn = '/' + fn;
src/Wt/WServer.C
ownsIOService_ = true;
dedicatedProcessEnabled_ = false;
weakSessionIdEnabled_ = false;
ioService_ = 0;
webController_ = 0;
configuration_ = 0;
......
return dedicatedProcessEnabled_;
}
bool WServer::weakSessionIdEnabled() const {
return weakSessionIdEnabled_;
}
void WServer::initLogger(const std::string& logFile,
const std::string& logConfig)
{
src/Wt/WServer.h
* \brief Reflects whether the current process is a dedicated session process
*/
WT_API bool dedicatedSessionProcess() const;
WT_API bool weakSessionIdEnabled() const;
#endif // WT_TARGET_JAVA
WT_API bool expireSessions();
......
WIOService *ioService_;
bool dedicatedProcessEnabled_;
bool weakSessionIdEnabled_;
struct Impl;
Impl *impl_;
src/http/WServer.C
dedicatedProcessEnabled_ = true;
}
// Support weakSessionIds in resource urls
weakSessionIdEnabled_ = true;
try {
impl_->server_ = new http::server::Server(*impl_->serverConfiguration_,
*this);
(4-4/4)