From ce168c286ac0ebd8c38a659880f85d270c697b69 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 12 Jun 2014 18:41:19 +0200 Subject: [PATCH 1/2] Added max heartbeat interval to prevent integer overflow When using big session timeout values, the interval value might overflow and cause the setInterval() call to ping the server in a loop without any delay. This fix adds a maximum ping interval of 24 hours. Forward port of 00ec5fc1935c946e846a8ff28491e5b5b017b3d7 from stable6. --- core/js/js.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/core/js/js.js b/core/js/js.js index 1d5219eff12..a8dd9ca889d 100644 --- a/core/js/js.js +++ b/core/js/js.js @@ -968,6 +968,8 @@ function initCore() { * time out */ function initSessionHeartBeat(){ + // max interval in seconds set to 24 hours + var maxInterval = 24 * 3600; // interval in seconds var interval = 900; if (oc_config.session_lifetime) { @@ -977,6 +979,9 @@ function initCore() { if (interval < 60) { interval = 60; } + if (interval > maxInterval) { + interval = maxInterval; + } var url = OC.generateUrl('/heartbeat'); setInterval(function(){ $.post(url); From 6a0f5cfc619e8e7463883b8df1375b93bc68a4d1 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 12 Jun 2014 18:42:09 +0200 Subject: [PATCH 2/2] Added unit tests for heartbeat interval min/max values --- core/js/tests/specs/coreSpec.js | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/core/js/tests/specs/coreSpec.js b/core/js/tests/specs/coreSpec.js index 3c62b976779..dd9d4a79277 100644 --- a/core/js/tests/specs/coreSpec.js +++ b/core/js/tests/specs/coreSpec.js @@ -19,7 +19,6 @@ * */ -/* global OC */ describe('Core base tests', function() { describe('Base values', function() { it('Sets webroots', function() { @@ -235,10 +234,12 @@ describe('Core base tests', function() { }); afterEach(function() { clock.restore(); + /* jshint camelcase: false */ window.oc_config = oldConfig; routeStub.restore(); }); it('sends heartbeat half the session lifetime when heartbeat enabled', function() { + /* jshint camelcase: false */ window.oc_config = { session_keepalive: true, session_lifetime: 300 @@ -265,6 +266,7 @@ describe('Core base tests', function() { expect(counter).toEqual(2); }); it('does no send heartbeat when heartbeat disabled', function() { + /* jshint camelcase: false */ window.oc_config = { session_keepalive: false, session_lifetime: 300 @@ -279,6 +281,26 @@ describe('Core base tests', function() { // still nothing expect(counter).toEqual(0); }); + it('limits the heartbeat between one minute and one day', function() { + /* jshint camelcase: false */ + var setIntervalStub = sinon.stub(window, 'setInterval'); + window.oc_config = { + session_keepalive: true, + session_lifetime: 5 + }; + window.initCore(); + expect(setIntervalStub.getCall(0).args[1]).toEqual(60 * 1000); + setIntervalStub.reset(); + + window.oc_config = { + session_keepalive: true, + session_lifetime: 48 * 3600 + }; + window.initCore(); + expect(setIntervalStub.getCall(0).args[1]).toEqual(24 * 3600 * 1000); + + setIntervalStub.restore(); + }); }); describe('Parse query string', function() { it('Parses query string from full URL', function() {