Solved

Window close event

Posted on 2007-03-28
5
649 Views
Last Modified: 2012-08-13
Hello All,
I have a web application developed in PHP. We are working on fixing XSS issues and some security issues. We have an issue as below:
When a user logs in, we create a cookie and its stored in browser. And when user browsers the pages the cookie is used to know if the user is logged in. From one window the user clicks some link which opens another window with the same cookie. What we want to do is when the user closes the new opened window or the main window, we want to destroy the cookie. We are opening the new windows as
var de=window.opne("a.html");
Can anyone give me a solution.

Thanks & Regards,
Gowni
0
Comment
Question by:gowni
  • 2
5 Comments
 
LVL 63

Expert Comment

by:Zvonko
ID: 18806380
Immeditely before opening the new window you can nullify or delete the cookie.
To nullify do this:
document.cookie="TheSessionCookieName=;path=/;";
var de=window.opne("a.html");

To delete use this:
document.cookie="TheSessionCookieName=;path=/;expires=Fri, 27 Jul 2001 02:47:11 UTC;";
var de=window.opne("a.html");


But you CANNOT delete the cookie for one window and let it stay for old window. All cookies are global for one domain and same Realm.  A realm is simply a directory and all subdirectories on the web server.

0
 
LVL 11

Expert Comment

by:walkerke
ID: 18806398
You could try using an onunload or onblur event for the body, but I'm not sure if that would be executed if the window were closed as opposed to loading a different page. You could also put a close wndow button on the new page which not only closes the window, it deletes the cookie.

Regardless, you should set a short expiration period for the cookie.
0
 
LVL 1

Author Comment

by:gowni
ID: 18806520
Hi,
Thanks for your responses. But I think I was not so clear in explaining. Sorry about that.
When a user logs in, he is broswing some pages and opens some new windows while browsing. When he will close any of the window, the cookie should be deleted.

Thanks & Regards,
Karunakar
0
 
LVL 63

Accepted Solution

by:
Zvonko earned 250 total points
ID: 18807058
The cookie can be deleted like this:

document.cookie="TheSessionCookieName=;path=/;expires=Fri, 1 Jan 1980 01:01:01 UTC;";



0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

This article will give core knowledge of JavaScript and will head in to your first JavaScript program. I am Durvesh Naik and I am here to deal with this series of JavaScript. I will teach you JavaScript in part wise , as its quite boring to read big…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now