All requests create a session #30321

wezell · 2024-10-10T15:34:22Z

Regression.

Requests for all assets create a session unnecessarily.

Run this:

curl --head https://demo.dotcms.com/dA/4694d40bd9be/image/320maxh/diving.jpg

And you can see the headers include a JSESSIONID cookie which means a session has been created.

set-cookie: JSESSIONID=745C39F2CACB95B2EC1A01DA4024F0F6; Path=/; Secure; HttpOnly; SameSite=Lax

This regression is caused by the variant code. Bottom line, I don't think we need to create a session if there is no specific variable requested, e.g. variable = "DEFAULT".

You can test this by dropping a breakpoint in the SessionMonitor.sessionCreated method.

Acceptance Criteria

This is a regression and it has happened a few times over dotCMS's lifetime. We need a postman test to make sure we don't create sessions if they are not needed.

Dupe: #7433

The text was updated successfully, but these errors were encountered:

ref: #30321

wezell added Triage Type : Task labels Oct 10, 2024

wezell added a commit that referenced this issue Oct 10, 2024

fix(perf) don't create session if it is not requrired

4a8fe81

ref: #30321

wezell linked a pull request Oct 10, 2024 that will close this issue

fix(perf) don't create session if it is not required #30322

Open

wezell added the Team : Falcon label Oct 10, 2024

wezell assigned freddyDOTCMS Oct 10, 2024

wezell added the LTS : Next Ticket that will be added to LTS label Oct 10, 2024

freddyDOTCMS mentioned this issue Oct 10, 2024

Create a Postman Test to check if HttpSession are been created needlessly #30323

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

All requests create a session #30321

All requests create a session #30321

wezell commented Oct 10, 2024 •

edited

Loading

All requests create a session #30321

All requests create a session #30321

Comments

wezell commented Oct 10, 2024 • edited Loading

Acceptance Criteria

wezell commented Oct 10, 2024 •

edited

Loading