Request for manifest creates many sessions

[joelanman]

Description of the issue

As discovered here, a new session is created for every request to the manifest. This creates many unneeded files

Steps to reproduce the issue

In the browser, go to a page in the prototype
Each time this happens a new session file appears in .tmp/sessions

Actual vs expected behaviour

Only one session should be created per client

Environment (where applicable)

• Operating system:
• Browser:
• Browser version:
• GOV.UK Prototype Kit version: 13.16.0

Workaround

To workaround, add this line to your layouts file (for example app/views/layouts/main.html)

{% block headIcons %}{% endblock %}

[36degrees]

Thanks @joelanman – raising this was on my list of things to do this morning so now I can tick that off! 😝

[ed6767]

+1

We had extensive load times and thousands of requests on our prototype service that's only availible to authenticated users, so a maximum of 3-4 users at a time

We were able to resolve by adding {% block headIcons %}{% endblock %} to app/views/layouts/main.html

[oscarduignan]

this happens because requests for manifests are done without any cookies, but the handler in the prototype kit serving the manifest file still checks that the request is authenticated, and when it isn't (because browsers don't send cookies) it redirects that request to the login page - which creates a new session - and won't occur locally since auth isn't turned on

[oscarduignan]

guess the manifest file should be added to

govuk-prototype-kit/lib/authentication.js

Line 9 in c0e7079

const allowedPathsWhenUnauthenticated = [