Solved

asp.net vb.net session issue with multiple browser tabs

Posted on 2013-05-29
4
1,612 Views
Last Modified: 2013-06-02
I am stepping in to the middle of a very big asp.net/vb.net app project.

The app uses asp.net membership forms authentication to manage users and logins.

The app also uses sessions variables quite a bit to pass data around (no data is passed around in the query string).

The issue is that a user will pull up a record which sets a session variable for the recordid.
Then they will need to jump to another record, but keep the current record open.
So they will open a new browser tab and look up the other record which then changes the session variable.
Then they will go back to the first record and add a child record.  But it gets added to the wrong parent record because of the session variable switch.

I have done a whole bunch of google'ing and reading on this, but I can't find an easy fix.
(Yes, I no there may not be an easy fix).

One option would be to prevent them from opening the site in a 2nd tab.
Or at least make sure that it starts a new session if they open in 2nd tab.
I have looked in to this, but haven't found a solution.

Any suggestions would be much appreciated.

Thanks!
0
Comment
Question by:kevinvw1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 39206700
In all other questions here where session id's are stored in cookies, they have discovered that the 'cookie jar' is common to all open windows of a browser.  If you change the value in one window, it changes in ALL windows.  There is no known fix for this problem.  All browsers act this way.  

However... each browser keeps it's Own cookies and does not share them with the other browsers.  So you can open a different browser and not change the session in the first browser.
0
 
LVL 16

Accepted Solution

by:
Stephan earned 250 total points
ID: 39206710
Like davebaldwin said: a session is persistend in all windows of thesame browser.

The only approach to fix this, is using URL's. If you do webforms you can try viewstate and in mvc try viewdata.
0
 

Author Comment

by:kevinvw1
ID: 39215372
Actually it looks like DOM sessionStorage may help me in this situation.

sessionStorage variables appear to be unique within sessions and within tabs.

Something like this -

if (""+sessionStorage.getItem("id") == "null")
      {      
            var milliseconds = new Date().getTime();
            alert ("Now setting to - " + milliseconds);            
            sessionStorage.setItem("id",milliseconds);
      }
}

I just ran a test and even using "Duplicate Tab" gives me a new local id value.

So between cookies and DOM sessionStorage I think I can prevent the user from opening 2nd session (in same browser).

Thanks for your help.
0
 
LVL 16

Expert Comment

by:Stephan
ID: 39215393
Hi Kevin,

Keep in mind that sessionStorage is not available in all browsers (doesn't work in IE7)
Here is a list of browsers that support and doesn't support sessionStorage:
http://caniuse.com/namevalue-storage

Check out the following polyfill:
https://gist.github.com/tagawa/2880273
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question