Permalink
Browse files

cfg.check_session_hijack bugfix 2

  • Loading branch information...
1 parent ea9cf3e commit da87654ec9adb438f5576f59a3c52c888ff2262a @kaven276 committed Oct 22, 2012
Showing with 4 additions and 5 deletions.
  1. +4 −5 lib/psp.web.js
View
@@ -129,11 +129,10 @@ function pspdweb(req, res, next){
stat.reqCnt++;
normalReq = true;
cookies = parseCookie(req);
- if (cfg.check_session_hijack) {
- if (ensureSID() === false) {
- return;
- }
+ if (ensureSID() === false) {
+ return;
}
+
DBInMgr.findFreeOraSockThen(reqUrl, req.connection, function(c, br){
if (c) {
oraSock = c;
@@ -179,7 +178,7 @@ function pspdweb(req, res, next){
delete cookies['GUARD' + port];
ohdr['Set-Cookie'] = setCookies;
- if (bsid) {
+ if (bsid && cfg.check_session_hijack) {
try {
if (newGuard = mGuard.checkUpdate(host, bsid, guard, rb.caddr)) {
writeHead = bakRes.writeHead;

0 comments on commit da87654

Please sign in to comment.