Interactsh version:
v1.3.1 (current main)
Current Behavior:
The sessions metric drifts upward on long-running servers and doesn't match the real number of active clients. Three small bugs add up:
- Register increments the counter before
SetIDPublicKey runs, so duplicate ids or bad keys leak +1.
- Deregister decrements before the body is decoded, so garbage POSTs or wrong-secret requests leak -1.
- Cache TTL/size eviction silently removes sessions without ever decrementing.
Expected Behavior:
sessions should track the real number of active sessions: failed register/deregister calls don't move it, and eviction decrements it.
Fixed by #1348.
Interactsh version:
v1.3.1 (current main)
Current Behavior:
The
sessionsmetric drifts upward on long-running servers and doesn't match the real number of active clients. Three small bugs add up:SetIDPublicKeyruns, so duplicate ids or bad keys leak +1.Expected Behavior:
sessionsshould track the real number of active sessions: failed register/deregister calls don't move it, and eviction decrements it.Fixed by #1348.