asp.net unique session when duplicate tab in IE - asp.net

I know this question has been asked before but I have not found a complete answer. When the user selects duplicate tab in IE it appears the current tab gets its URL (with cookieless session id) from the current window. Then the two tabs are sharing session values.
I have tried checking the referrer for null, but on the Duplicate Tab command in IE that value is set to the current tab.
The only workaround I see is to get rid of session.

The last tab gets the latest session info. Sessions are based on browser instances, not tabs; that is just how they work. You are fighting a losing battle.

You could map the same site to two different domains. When your users want to open a second session, they can access the second domain, which will create a second session.

Related

Persist selected values of control(s) from the Layout file across the MVC application

I have a Layout page which sets up the list of Projects in the application using Telerik's ComboBox as shown. The combobox allows user to select a project he/she wants to work on.
Once a selection is made, I want all subsequent actions in the application to correspond to the selected Project. I can preserve the Project information in a Session, but then if the user chooses to open this in a new tab, and in the 2nd tab the user switches to a different Project and comes back to the first tab and refreshes the page, then the session information (Project) would have changed, which will create issues in my application.
So, what is the best way for me to persist Project information of the Layout.cshtml controls so that I can use it in my application such that every page that is rendered uses the currently/correctly selected values.
TempData / QueryStrings came to my mind, but I don't know whether they will be a reasonable solution to my problem. If yes, then how should I use them generically (especially querystrings) without complicating my solution?
localStorage and sessionStorage also seem like relevant solutions, but then how do I use them in a scenario where the user opens a new tab from an existing page? How will the Project # persist on the newly opened page/window/tab?
Something like this is achievable, if you make sure the URL changes when a selection is made.
So let's say you select project C-1379 in your dropdown box, at that point your URL could become http://localhost:58692/pid=C-1379.
From now onwards, your page can load the desired data, retrieving its required information from the query string. Do not use session or localStorage or anything like that as it won't work.
This way, you can still load your list of projects in your layout page, and you can select one based on the query string value and then load some default values via API calls to the back end.
If all your work from now on is done based on API calls, for example, you have some properties that you change and then you issue a POST to update said details, then this is very easily done as well.
Telerik controls usually have some events associated with them. The one you are using should have an onChange or something like that. This is where you would update the query string with the value of the project selected, and then you can proceed to do what you need.
"I can preserve the Project information in a Session but then if user chooses to open this in a new tab and in 2nd tab users switches to a different Project and comes back to the first tab and refreshes the page then the session information (Project) would have changed which will create issues in my application."
I would have thought this is the desired behavior... take stackoverflow.com as an example, if I change my username in one browser-tab, I would expect my username to be updated in other browser-tabs as well... and that's what happens if I refresh my other tab.
There is no built-in solution for maintaining user info in different browser tabs separately... the only way to achieve this is by sending the project name back and forth in the URL... but then you would lose this info if the user changes the URL... In my opinion, this is an ad hoc solution and is not worth the effort of development, because it's a very uncommon scenario.
Getting to your options:
Storing user info is a very typical use case for session variable.
TempData is stored in Session by default. Though you can write your own custom TempDataProvider and store it somewhere else (e.g. database, cookie, etc). See Brock Allen's Cookie TempDataProvider as an example. One advantage of using Cookie is that you send your session variable back and forth with the request so you don't need to worry about Sticky Sessions.
You can of course use a permanent storage, such as DB/Disk.
If the project name is not sensitive info then I don't see any issue in passing it in Query String.

Internet Explorer - losing HttpSessionState

I have an intranet website. Within this is some code which stores a few variables within an HttpSessionState object. For all but one user this works. However for reasons unknown, on this one person's machine, it doesn't appear to be saving it.
The reason I know this is that basically it's an asp.net wizard. On step 1 the user makes a selection and that gets stored. When attempting to move to the next step, the session gets checked for a valid value. In this case, the user is making the selection but it never gets remembered.
Very odd as it should be a standard build. I also see the same problem whether IE or Chrome.
Any high level things I could check to help diagnose?
Thanks.
If they have their browser privacy settings set to a high level this could prevent the session cookie from being accepted. Just a stab in the dark.

Why isn't Session available on page load?

I have an ascx. In this ascx, I have any number of controls that I can interact with and set a session variable and it works as expected.
However, when (in the same control), I try to set session in page load, I get a different error depending on how I implement it:
System.Web.HttpContext.Current.Session("Test") = "Test"
It says that, summarized, the Session object is nothing.
If, instead, I say:
Session("Test") = "Test"
It then tells me that I need to enable session state in either the page or web.config. I have indeed checked and session is enabled in the web.config and furthermore, those session statements that are called in response to a click on a runat="server" control work fine.
At this point, I'm almost certain that my issue is because I lack knowledge on the lifecycle of the page and session object. So I therefore have two questions:
Why isn't this working as I expect? I suspect that I'm trying to call Session before some other code which makes it available is executing but what might that be?
How can I make it work so that I can store information in a session variable on page load (and subsequently clear it on page unload)? If I cannot make this work as I hope, how can I do something similar server-side?
The problem was caused by having multiple tabs in the same browser open.
To clarify...
Say maybe tab 1 is open to the page before where I tried to set session because I'm debugging and lazy and didn't close other tabs.
And then maybe tab 2 is the current tab that just opened when I started debugging. The only code change is where I'm trying to set a session variable.
There are now two tabs open with conflicting session state data. When the current code tries to set session, it is in conflict with what is being sent back and forth to "wherever sessions live". Or maybe it doesn't really work that way but closing the old tabs opened with "older code" and having only tabs opened that face the "new code" solves the problem.

Don't allow multiple tabs in same browser

How can I allow multiple tab browser sessions? I've done research and found this line of code:
<sessionState mode="InProc" cookieless="UseUri" />
I was not allowed to use this because the URL was displaying the session id on every tab. Is there any other way I can allow a unique session id in multiple tabs? Are any other state management methods able to work in multiple tabs?
You can't. Whatever session method you're using, it will still be possible to get the same session into multiple tabs, and impossible to detect on the serverside that a page has been opened in a new tab.
Regardless of whether you're allowed to use it or not, the UseUri session management method won't help. If a user tries to open a link in a new tab rather than in the current window, you [a] have no way of detecting this on the server-side, and [b] you have no way on the server-side to create a new session, transfer the page execution to this new session, all whilst keeping the current session intact.

How in ASP.NET, do you deal with session and multiple tabs?

I have written an application in ASP.net, that is designed to let the user add records to a database. The page is set up that when a user adds a record, the ID number of the newly added record is set in session, the page Response.Redirects to a "Thank you for submitting" page, then redirects back to the original page to allow further edits. Users can also use the Back button on this screen to go back to the original record adding page, which allows them to make edits to the data.
However, I have found that storing the ID in session isn't a terribly good solution, as a user might try to create two documents in different tabs or windows. I have also tried setting the ID in a literal control, but this causes the problem that when the user uses the Back button, the literal control isn't set to the ID, and new records get added instead of one being edited.
Is there any kind of solution for this?
I'd recommend storing your ID in the QueryString. After the record is added, redirect to your "thankyou" page, which then I am guessing contains a link to the edit form which you will generate with the ID in the querystring. When that link is followed, the edit page should pull the ID out of the query string in order to load up the correct record to edit.
Your add and edit form can even be the same page, when an ID is provided in the querystring, your form knows to edit that record, otherwise your form adds a new record.
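As an added illustration of the query-string approach suggested above (not code from any of the posters): the ID in the URL keeps each tab independent of the shared session, but it is client-controlled, so the server checks it against the signed-in user on every request. `RecordStore`, `ResolveRecordId`, the `id` parameter and the sample data are assumptions made for this example.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.Specialized;

// Hypothetical helper; in Web Forms, Request.QueryString is a NameValueCollection.
public static class RecordStore
{
    // Constructed sample data: record ID -> owning user name.
    private static readonly Dictionary<int, string> Owners = new Dictionary<int, string>
    {
        { 101, "alice" }, { 102, "alice" }, { 201, "bob" },
    };

    // Returns the record ID this request may edit, or null when the page
    // should run in "add new record" mode. Throws when the URL names a
    // malformed ID or a record the user does not own.
    public static int? ResolveRecordId(NameValueCollection query, string userName)
    {
        string raw = query["id"];
        if (string.IsNullOrEmpty(raw)) return null;   // no id in URL: add mode
        int id;
        if (!int.TryParse(raw, out id) || id <= 0)
            throw new FormatException("id must be a positive integer");
        string owner;
        if (!Owners.TryGetValue(id, out owner) ||
            !string.Equals(owner, userName, StringComparison.Ordinal))
            throw new UnauthorizedAccessException("record not available to this user");
        return id;                                    // edit mode for this tab only
    }
}

public static class Program
{
    public static void Main()
    {
        // Two tabs of the same user share one session but carry different URLs.
        var tab1 = new NameValueCollection { { "id", "101" } };
        var tab2 = new NameValueCollection { { "id", "102" } };
        Console.WriteLine("tab 1 edits " + RecordStore.ResolveRecordId(tab1, "alice"));
        Console.WriteLine("tab 2 edits " + RecordStore.ResolveRecordId(tab2, "alice"));

        // Back button to the add page: no id, so the form adds a new record.
        var addPage = new NameValueCollection();
        Console.WriteLine("add mode: " + !RecordStore.ResolveRecordId(addPage, "alice").HasValue);

        // A hand-edited URL pointing at another user's record is rejected.
        var tampered = new NameValueCollection { { "id", "201" } };
        try { RecordStore.ResolveRecordId(tampered, "alice"); }
        catch (UnauthorizedAccessException e) { Console.WriteLine("denied: " + e.Message); }
    }
}
```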
Silly question, why can the user use the back button to edit the data just accepted in a post?
If editing the previously posted data is a common scenario, why not just redirect to a page when the data is accepted that lets them edit it? Then if they hit the back button they would be going back to the original "clean" insert/add new data page.
This would give the following flows
Add->[Post]->Edit->.....
Add->[Post]->Edit->[Back button]->Add->[Post]->Edit->[Post]->Edit....
Have you tried adding the ID in the querystring? Then you could read it, and add it to the session as needed (say on a user clicking the back button).
Seems like a lot of problems allowing editing of an object in a page rendered when using the back button. Would it be too much to give them an edit button instead?
The controls save their state in the ViewState. If you choose to use SessionState instead of ViewState to store the information, then the controls will save their state in the session state and it won't work properly with multiple tabs.
I have not yet found a way to bypass this issue while still using SessionState. Our solution was to use the normal ViewState.
I've tried storing the ID in the querystring (which is mostly fine for editing), but the problem with that is when the information is stored in session for when they use the Back button. If the user does the following:
User creates a record (1st record), the ID is passed along in the querystring, and temporarily stored in session.
User creates another record (2nd record), the ID is passed along in the querystring, temporarily stored in session.
User uses the Back button on the first record to go to the page that doesn't have the querystring.
It's probably a far-fetched scenario, but it's one that may happen. The only solution I have is to block the usage of the Back button to go back to the adding page, by using window.history.forward() in JavaScript. But this as a solution is terrible.
My question for you is why are you storing anything in the session to begin with? If you can avoid storing anything in the session, I think you will be better off altogether.
Having thought about this, does the following sound like a decent solution to the problem I outlined above?
When first adding a record, store a timestamp of when the add page was accessed in a hidden field.
This timestamp is passed through session when the user clicks save. Along with the ID.
If the user opens another tab at the same time and saves, then the new page's timestamp gets passed through session.
If the user tries to access the add page of first record (using the back button), the system looks up session, and sees if there is a timestamp, and whether it matches the one in the hidden field for that page.
If it doesn't match, then the user gets a prompt, and is told to edit the record properly.
Does this sound reasonable, or too overly complex?
