fix(status): Avoid session creation for status requests

Signed-off-by: Git'Fellow <[email protected]>

Author: solracsf

lib/base.php

@@ -363,6 +363,13 @@ private static function printUpgradePage(\OC\SystemConfig $systemConfig): void {
 	public static function initSession(): void {
 		$request = Server::get(IRequest::class);
 
+		// Do not initialize sessions for 'status.php' requests
+		// Monitoring endpoints can quickly flood session handlers
+		// and 'status.php' doesn't require sessions anyway
+		if (str_ends_with($request->getRequestUri(), '/status.php')) {
+			return;
+		}
+
 		// TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies
 		// TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments
 		// TODO: for further information.
@@ -790,7 +797,7 @@ public static function init(): void {
 				$isScssRequest = true;
 			}
 
-			if (substr($request->getRequestUri(), -11) === '/status.php') {
+			if (str_ends_with($request->getRequestUri(), '/status.php')) {
 				http_response_code(400);
 				header('Content-Type: application/json');
 				echo '{"error": "Trusted domain error.", "code": 15}';