Stemon63 Posted April 8, 2021 Share Posted April 8, 2021 Hi, I need to understand when a new session is created in server code. For avoid unecessary invalid sessions and resource consuption, especially on massive attacks or user hacking attemps, and also when I open sessions from links with additional parameters (via email), I need to understand when exactly the session is created, with the intention to abort the connection if there are wrong information WITHOUT create first a session and then destroy it. I see in other post that in TUniServerModule.UniGUIServerModuleHTTPCommand is used, when connection must be rejected: AResponseInfo.CloseConnection := true; AResponseInfo.CloseSession; At this point, session is already created and then destroyed, or never created ?? I am looking for a way for avoiding session creation on strange situations and directly close connection. Thanks in advance! Quote Link to comment Share on other sites More sharing options...
irigsoft Posted April 8, 2021 Share Posted April 8, 2021 Hello, TUniServerModule.UniGUIServerModuleHTTPCommand is best way to catch all data event before session's parameters are created. If Session is created, many parameters are created too like Cookies and so on. But when Client make call to server, there is data exchange before full session creation (all Session parameters). For my purposes I use this TUniServerModule.UniGUIServerModuleHTTPCommand even for events before the session is fully created and all its parameters Other functions are :TUniServerModule.UniGUIServerModuleHTTPCommand, TUniServerModule.UniGUIServerModuleHTTPDocument Try it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.