summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2014-06-13 00:19:07 +0200
committerMorris Jobke <hey@morrisjobke.de>2014-06-13 00:19:07 +0200
commitaa8f17bc639daa9daeb68f8a9766272dac0bdb41 (patch)
treebfaab287fb9cf28f6af9dc23f933573e09feae8d
parentb595c982d0cc27c9e6e3ee3a04c8f9a567ec0dc8 (diff)
parent6a0f5cfc619e8e7463883b8df1375b93bc68a4d1 (diff)
downloadnextcloud-server-aa8f17bc639daa9daeb68f8a9766272dac0bdb41.tar.gz
nextcloud-server-aa8f17bc639daa9daeb68f8a9766272dac0bdb41.zip
Merge pull request #9017 from owncloud/maxheartbeatinterval
Added max heartbeat interval to prevent integer overflow
Diffstat
-rw-r--r--core/js/js.js5
-rw-r--r--core/js/tests/specs/coreSpec.js24
2 files changed, 28 insertions, 1 deletions
diff --git a/core/js/js.js b/core/js/js.js
index 1d5219eff12..a8dd9ca889d 100644
--- a/core/js/js.js
+++ b/core/js/js.js
@@ -968,6 +968,8 @@ function initCore() {
* time out
*/
function initSessionHeartBeat(){
+ // max interval in seconds set to 24 hours
+ var maxInterval = 24 * 3600;
// interval in seconds
var interval = 900;
if (oc_config.session_lifetime) {
@@ -977,6 +979,9 @@ function initCore() {
if (interval < 60) {
interval = 60;
}
+ if (interval > maxInterval) {
+ interval = maxInterval;
+ }
var url = OC.generateUrl('/heartbeat');
setInterval(function(){
$.post(url);
diff --git a/core/js/tests/specs/coreSpec.js b/core/js/tests/specs/coreSpec.js
index 3c62b976779..dd9d4a79277 100644
--- a/core/js/tests/specs/coreSpec.js
+++ b/core/js/tests/specs/coreSpec.js
@@ -19,7 +19,6 @@
*
*/
-/* global OC */
describe('Core base tests', function() {
describe('Base values', function() {
it('Sets webroots', function() {
@@ -235,10 +234,12 @@ describe('Core base tests', function() {
});
afterEach(function() {
clock.restore();
+ /* jshint camelcase: false */
window.oc_config = oldConfig;
routeStub.restore();
});
it('sends heartbeat half the session lifetime when heartbeat enabled', function() {
+ /* jshint camelcase: false */
window.oc_config = {
session_keepalive: true,
session_lifetime: 300
@@ -265,6 +266,7 @@ describe('Core base tests', function() {
expect(counter).toEqual(2);
});
it('does no send heartbeat when heartbeat disabled', function() {
+ /* jshint camelcase: false */
window.oc_config = {
session_keepalive: false,
session_lifetime: 300
@@ -279,6 +281,26 @@ describe('Core base tests', function() {
// still nothing
expect(counter).toEqual(0);
});
+ it('limits the heartbeat between one minute and one day', function() {
+ /* jshint camelcase: false */
+ var setIntervalStub = sinon.stub(window, 'setInterval');
+ window.oc_config = {
+ session_keepalive: true,
+ session_lifetime: 5
+ };
+ window.initCore();
+ expect(setIntervalStub.getCall(0).args[1]).toEqual(60 * 1000);
+ setIntervalStub.reset();
+
+ window.oc_config = {
+ session_keepalive: true,
+ session_lifetime: 48 * 3600
+ };
+ window.initCore();
+ expect(setIntervalStub.getCall(0).args[1]).toEqual(24 * 3600 * 1000);
+
+ setIntervalStub.restore();
+ });
});
describe('Parse query string', function() {
it('Parses query string from full URL', function() {
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 21:38:53 +0000