Merge pull request #21577 from owncloud/make-code-cleaner-by-removing-unrequired-security-features

Remove code related to session regeneration after some time

Merge pull request #21577 from owncloud/make-code-cleaner-by-removing-unrequired-security-features
53c4a552 · Morris Jobke · 21a700bc · 74876fa6 · 53c4a552
Commit 53c4a552 authored 9 years ago by Morris Jobke
--- a/lib/base.php
+++ b/lib/base.php
@@ -431,20 +431,10 @@ class OC {
 			//show the user a detailed error page
 			OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
 			OC_Template::printExceptionErrorPage($e);
+			die();
 		}
 		$sessionLifeTime = self::getSessionLifeTime();
-		// regenerate session id periodically to avoid session fixation
-		/**
-		 * @var \OCP\ISession $session
-		 */
-		$session = self::$server->getSession();
-		if (!$session->exists('SID_CREATED')) {
-			$session->set('SID_CREATED', time());
-		} else if (time() - $session->get('SID_CREATED') > $sessionLifeTime / 2) {
-			$session->regenerateId();
-			$session->set('SID_CREATED', time());
-		}
 		// session timeout
 		if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {