Bug #3540: plain HTML sessions limit bug - Wt - Redmine

Bug #3540

plain HTML sessions limit bug

Added by Boris Nagaev almost 8 years ago. Updated almost 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Koen Deforche

Target version:

3.3.4

Start date:

08/22/2014

Due date:

% Done:

Estimated time:

Description

src/web/WebController.C:

return plainHtmlSessions_ > conf*.maxPlainSessionsRatio() * ajaxSessions*;

should be

return plainHtmlSessions_ > conf*.maxPlainSessionsRatio() * (ajaxSessions* + plainHtmlSessions_);

Currently, even if plain-ajax-sessions-ratio-limit=1, running 20 Ajax + 20 HTML sessions, new HTML sessions are discarded as DDoS.

History
Property changes

Also available in: Atom PDF

Project

General

Profile

Wt

Bug #3540

plain HTML sessions limit bug

Updated by Koen Deforche almost 8 years ago

Updated by Koen Deforche almost 8 years ago