When viewing the page overlay, on some sites, the sidebar may fail to authenticate and shows the following message:
Error: Your session has expired due to inactivity
When this happens the AJAX call to the renderSidebar
controller method is sent with a different session cookie than all the other requests which causes the API request to fail as the session is not authenticated.
See L3-197
The page overlay sidebar should consistently use the currently logged in session and not show an error.
The page overlay sidebar intermittently fails to use the current session and loads with an error.
If a Javascript breakpoint is added to Piwik_Overlay.js
at line 33 (the beginning of the loadSidebar()
method) and execution is immediately continued when that breakpoint is hit, then loadSidebar()
sends the correct cookie and the error does not occur. As soon as the breakpoint is removed the session expired error returns on the next reload.
It appears to be some sort of race condition where loadSidebar()
somehow executes before the session cookie is available and the small delay introduced by the breakpoint prevents this happening.
Adding a small delay to the loadSidebar()
call might fix this, but to confirm the fix this issue would need to be recreated in development environment first.
This is hard to recreate and has only been seen on one site so far.
This prevents usage of the page overlay feature for affected sites.