Merge pull request #21577 from owncloud/make-code-cleaner-by-removing-unrequired-security-features

Remove code related to session regeneration after some time

1 files changed, 1 insertions, 11 deletions

diff --git a/lib/base.php b/lib/base.php
index 71c04206f6a..51f4d819ab1 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -431,20 +431,10 @@ class OC {
 			//show the user a detailed error page
 			OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
 			OC_Template::printExceptionErrorPage($e);
+			die();
 		}
 
 		$sessionLifeTime = self::getSessionLifeTime();
-		// regenerate session id periodically to avoid session fixation
-		/**
-		 * @var \OCP\ISession $session
-		 */
-		$session = self::$server->getSession();
-		if (!$session->exists('SID_CREATED')) {
-			$session->set('SID_CREATED', time());
-		} else if (time() - $session->get('SID_CREATED') > $sessionLifeTime / 2) {
-			$session->regenerateId();
-			$session->set('SID_CREATED', time());
-		}
 
 		// session timeout
 		if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {