Project

General

Profile

Actions
Copy link

Improvements #13970

open

Kill sessioned GET requests early

Added by Matthias Van Ceulebroeck 7 days ago. Updated 5 days ago.

Status:
Review
Priority:
Normal
Assignee:
Romain Mardulyn
Target version:
4.12.1
Start date:
09/10/2025
Due date:
% Done:

0%

Estimated time:

Description

If a session comes in, that is NOT detected as a bot, and does allow JavaScript, they should never have a wtd parameter attached to them.
This can only be the case if JavaScript is disabled.

In the wild we've seen this happen, with suspected bots that are JS/Ajax capable, but still seemingly are only used to access a page singularly, not utilizing the session.
These type of sessions should be killed early, so they do not uselessly take up memory.

Related issues 1 (1 open0 closed)

Related to Improvements #13877: Be less permissive to botsNew07/29/2025

Actions
Actions
Copy link
 #1

Updated by Matthias Van Ceulebroeck 7 days ago

  • Status changed from InProgress to Review
  • Assignee deleted (Matthias Van Ceulebroeck)
Actions
Copy link
 #2

Updated by Matthias Van Ceulebroeck 6 days ago

Actions
Copy link
 #3

Updated by Romain Mardulyn 5 days ago

  • Assignee set to Romain Mardulyn
Actions
Copy link

Also available in: Atom PDF