Last post Mar 22, 2016 12:42 PM by PatriceSc
Feb 04, 2016 01:01 PM|akibs|LINK
I am working with asp.net web forms and using session variables in my application. I am trying to terminate or kill the browser sessions when the browser crashes or if the user ends the browser application from task manager. like any bank web site . I can
terminate session on tab or browser close but not on killing browsers process from task manager.
Feb 05, 2016 05:31 AM|sudo10|LINK
killing browsers process from task manager.
If you don't set the timeout property of the session, when you kill the browser process then the session variables or session data will anyways be lost.
Feb 17, 2016 06:37 AM|Klein Zhang|LINK
As web applications use http, and http is stateless, you can not know for sure what happens on client side, since there is no connection between client and server. The only thing that can be used to keep track of it is the session. And the session is kept
by the server as long as it was set up to be kept, or the application is closing it.
So if you want to close the session, you have to initiate it from the server. Thus the server side part of your application has to be notified about browser closure.
I can terminate session on tab or browser close but not on killing browsers process from task manager.
Deleting the session cookie on client side won't close the session on server side. You might try to catch events like leaving your site, closing a browser window, but this is only part of the situations how the user could leave your application: might loose
network connection, kill the browser, browser might crash, and so on. These event will be never caught by your application. Thus you can not rely on client side.
Mar 22, 2016 12:42 PM|PatriceSc|LINK
You don't have that level of contorl on the client side (ie knowing that the browser crashed). Make sure also to make the difference between cleaning up server side and creating a new session. First more likely your bank web site doesn't store anything sensitive
in session and if the browser crashes doesn't clean up anything server side. You'll just have a new session which starts when the browser is launched again and the previous session will stay alone until the session timeout expires.