From a246cc10fd0e0b43e283f1c652588b73f39c0a88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= <danxuliu@gmail.com>
Date: Thu, 11 Oct 2018 10:53:25 +0200
Subject: [PATCH] Ignore "session_lifetime" if it can not be converted to a
 number
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When "session_lifetime" can not be converted to a number the interval
becomes a NaN due to dividing it by 2. This NaN was "dragged" over all
the other mathematical operations and caused the csrftoken to be got
again and again due to an infinite loop with no pauses in "setInterval".
Now, the interval is set to the default value instead if the
"session_lifetime" can not be converted to a number.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
---
 core/js/js.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/core/js/js.js b/core/js/js.js
index 8e7796143d5ab..c1b7e205aabdd 100644
--- a/core/js/js.js
+++ b/core/js/js.js
@@ -1402,10 +1402,12 @@ function initCore() {
 	 */
 	function initSessionHeartBeat() {
 		// interval in seconds
-		var interval = 900;
+		var interval = NaN;
 		if (oc_config.session_lifetime) {
 			interval = Math.floor(oc_config.session_lifetime / 2);
 		}
+		interval = isNaN(interval)? 900: interval;
+
 		// minimum one minute
 		interval = Math.max(60, interval);
 		// max interval in seconds set to 24 hours