Skip to content
Browse files

session hijack detection can be on/off

  • Loading branch information...
1 parent 4b075ea commit 7dd1f94f57544754f7cc6b2f1467e2eb6b23b7b0 @kaven276 committed
Showing with 2 additions and 1 deletion.
  1. +1 −0 lib/cfg.js
  2. +1 −1 lib/psp.web.js
View
1 lib/cfg.js
@@ -11,6 +11,7 @@ module.exports = {
ssl_cert : undefined, // server side ssl certification text for https service
accept_count : 10, // accept connection queue limits, when all oracle socket is in use, requests will go to queue.
keepalive_timeout : 1200, // browser to server keepalive timeout, default to 20 minutes
+ check_session_hijack : true, // if enable the browser session hijack detection
plsql_mount_point : '/', // where to mount all plsql page for combined server
file_mount_point : '/', // where to mount all static file for combined server
View
2 lib/psp.web.js
@@ -129,7 +129,7 @@ function pspdweb(req, res, next){
stat.reqCnt++;
normalReq = true;
cookies = parseCookie(req);
- if (ensureSID() === false) {
+ if (cfg.check_session_hijack && ensureSID() === false) {
return;
}
DBInMgr.findFreeOraSockThen(reqUrl, req.connection, function(c, br){

0 comments on commit 7dd1f94

Please sign in to comment.
Something went wrong with that request. Please try again.