If you create a session with
createSession(sometimeoutvalue), then it never actually times out. The reason seems to be that the list of sessions in the Global area is actually an Array object, whereas all the values added to it are set ByName (i.e. the key is the MD5hash used for the cookie, rather than an integer index).
Now,
sessionTimer() is supposed to be called periodically in order to see whether the time is up, so it looks at
sessions.length to see if there are any sessions to be examined. But, of course, the length attribute of an array only inlcudes the arrayelements set by index, not those set ByName. So, seeing no sessions, it switches itself off.
The cure is to make sessions an Object rather than an Array. This is done by redefining the
sessions variable in ejs.es by
Code:
var sessions = new Object()
This indeed works, and sessions are destroyted when they timeout.
BUT there are then other problems since,
ejsDeleteProperty and
ejsDeletePropertyByName do not actually remove any properties from the Object. They just replace that
session in
sessions by the Nullobject (and maybe remove the name from the hashtable). The result is that the
sessions object continues growing in size indefinitely as new sessions are created and destroyed, until the server is restarted. A huge memory leak, in fact.
In fact, I reckon the same thing was already happening when
sessions was an Array. The cure would be to arrange for the deleted slots to be re-used, or maybe for
ejsRemoveSlot to be called (I gather that is a dubious practice, though). This would require some tinkering with
ejsSetPropertyByName, or with
ejsCheckObjSlots.
On top of that,
sessionTimer now sees the timedout sessions and deletes them, but it also sees all the old Nullobjected ones, so it never realises that there are no sessions left, and so never turns itself of (which can be wasteful).
Login
Register
FAQ
Search
