prevent to open the SAME APPLICATION (with the same session) in two or more browser windows.

Discussion in 'ASP .Net' started by jaibux@gmail.com, Jan 24, 2007.

  1. Guest

    Everybody knows how to open (or clone) the same page that you are
    viewing in a new browser window by CTRL+N or via File->New Window. the
    question is how to PREVENT to open the SAME WEB APPLICATION (with the
    same session) in two or more browser windows.

    any ideas?




    thanks in advance!!! =)
     
    , Jan 24, 2007
    #1
    1. Advertising

  2. Mark Rae Guest

    <> wrote in message
    news:...

    > Everybody knows how to open (or clone) the same page that you are
    > viewing in a new browser window by CTRL+N or via File->New Window. the
    > question is how to PREVENT to open the SAME WEB APPLICATION (with the
    > same session) in two or more browser windows.
    >
    > any ideas?


    Firstly, apart from under exceptional circumstances, sessions are unique
    irrespective of browser and/or user. That means the same 'user' (see below)
    will always have a different session every time they access the web app,
    even when running two copies of the browser on the same computer at the same
    time, so you're on a bit of a non-starter with that one...

    Secondly, the web app will have no idea who the 'user' is unless it uses
    some sort of authentication mechanism i.e. the user logs in, or uses
    Integrated Windows Authentication, which is quite common in corporate
    intranets etc, but highly unlikely on the public Internet.

    Therefore, unless your web app has some way of 'knowing' who the user is,
    there's not much you can do to prevent the same user accessing the same site
    more than once at the same time.
     
    Mark Rae, Jan 24, 2007
    #2
    1. Advertising

  3. Joerg Jooss Guest

    Thus wrote Mark,

    > <> wrote in message
    > news:...
    >
    >> Everybody knows how to open (or clone) the same page that you are
    >> viewing in a new browser window by CTRL+N or via File->New Window.
    >> the question is how to PREVENT to open the SAME WEB APPLICATION (with
    >> the same session) in two or more browser windows.
    >>
    >> any ideas?
    >>

    > Firstly, apart from under exceptional circumstances, sessions are
    > unique irrespective of browser and/or user. That means the same 'user'
    > (see below) will always have a different session every time they
    > access the web app, even when running two copies of the browser on the
    > same computer at the same time, so you're on a bit of a non-starter
    > with that one...


    Unfortunately, that's usually not the case. Most browsers share a cookie
    jar (so to speak) when you open a new window or tab, and that's what most
    users do and the OP alluded to. You have to run another instance of the browser
    executable to avoid this. But at the end of the day, that's an implementation
    detail of the browser.

    Cheers,
    --
    Joerg Jooss
     
    Joerg Jooss, Jan 24, 2007
    #3
  4. Mark Rae Guest

    "Joerg Jooss" <> wrote in message
    news:...

    > You have to run another instance of the browser executable to avoid this.


    That's right - that's what I said:
    "even when running two copies of the browser on the same computer at the
    same
    time,"
     
    Mark Rae, Jan 24, 2007
    #4
  5. Nope, this is what you said
    " That means the same 'user' (see below)
    will always have a different session every time they access the web app,
    even when running two copies of the browser on the same computer at the same
    time"


    And this is incorrect. Most likely browsers will share same session if you
    running 2 copies of the browser window on the same computer at the same
    time.

    George

    "Mark Rae" <> wrote in message
    news:u$...
    > "Joerg Jooss" <> wrote in message
    > news:...
    >
    >> You have to run another instance of the browser executable to avoid this.

    >
    > That's right - that's what I said:
    > "even when running two copies of the browser on the same computer at the
    > same
    > time,"
    >
     
    George Ter-Saakov, Jan 24, 2007
    #5
  6. Mark Rae Guest

    "George Ter-Saakov" <> wrote in message
    news:OYSoY3%...

    > And this is incorrect. Most likely browsers will share same session if you
    > running 2 copies of the browser window on the same computer at the same
    > time.


    I just tried it. I opened 10 instances of IE7 and pointed at my website - 10
    different SessionIDs...

    Then I opened one instance of IE7, pointed at my website and clicked Cltr-N
    nine times - 10 different SessionIDs...
     
    Mark Rae, Jan 24, 2007
    #6
  7. Joerg Jooss Guest

    Thus wrote Mark,

    > "George Ter-Saakov" <> wrote in message
    > news:OYSoY3%...
    >
    >> And this is incorrect. Most likely browsers will share same session
    >> if you running 2 copies of the browser window on the same computer at
    >> the same time.
    >>

    > I just tried it. I opened 10 instances of IE7 and pointed at my
    > website - 10 different SessionIDs...
    >
    > Then I opened one instance of IE7, pointed at my website and clicked
    > Cltr-N nine times - 10 different SessionIDs...


    Funny, IE7 and Firefox2 behave for me just as I've described (I'm testing
    this with my ASP-based web mail site).

    But that't no that point. The point is that this behavior (or a lack of it)
    is an implementation detail, and simply cannot be relied upon.

    Cheers,
    --
    Joerg Jooss
     
    Joerg Jooss, Jan 25, 2007
    #7
  8. Mark Rae Guest

    "Joerg Jooss" <> wrote in message
    news:...

    > But that't no that point. The point is that this behavior (or a lack of
    > it) is an implementation detail, and simply cannot be relied upon.


    Absolutely.
     
    Mark Rae, Jan 25, 2007
    #8
  9. Guest

    On Jan 25, 8:57 am, Joerg Jooss <> wrote:
    > Thus wrote Mark,
    >
    > > "George Ter-Saakov" <> wrote in message
    > >news:OYSoY3%...

    >
    > >> And this is incorrect. Most likely browsers will share same session
    > >> if you running 2 copies of the browser window on the same computer at
    > >> the same time.

    >
    > > I just tried it. I opened 10 instances of IE7 and pointed at my
    > > website - 10 different SessionIDs...

    >
    > > Then I opened one instance of IE7, pointed at my website and clicked
    > > Cltr-N nine times - 10 different SessionIDs...

    >
    > Funny, IE7 and Firefox2 behave for me just as I've described (I'm testing
    > this with my ASP-based web mail site).
    >
    > But that't no that point. The point is that this behavior (or a lack of it)
    > is an implementation detail, and simply cannot be relied upon.
    >
    > Cheers,
    > --
    > Joerg Jooss
    >


    Ok, here's the deal: I was looking for a way to prevent users of my
    website to open two or more instances of the same page. I must add
    that my website is a game, so having multiple browsers opened is no
    doubt an advantage. After reading this thread and trying out a couple
    of things, here's what i did:
    - user opens first instance of the page, he is not logged in.
    - here i used javascript to attach a name to this window. the name is
    a md5 hash of the php session_id , user ip, http_user_agent and
    whatever else you want.
    - the user logs in, then javascript checks if the window name is
    correct.

    - user opens another instance (Open link in new window)
    - since user is already logged in, i check if the window name is still
    the same . it's NOT ! .. i log out the user and force a new session
    with a new id to be created and used in setting the window name.

    what now ?
    user has two choices: either continues to log in on this second page,
    thus disabling the first page since the session id is different so the
    page name will not match . this makes the first page log the user out
    if accessed. Or the user will close the second page, returning to the
    first but will find himself logged out.

    That's it. And because of using the session id along with the ip and
    user_agent this will also work if using two different browsers are
    used or two different computers (IE and Firefox) : all you have to do
    is put that key you created somewhere in a database, in a table where
    you have your online users and checking every time to see if the user
    has the same key or not.

    I hope this helps and if you need a working example, I could send it
    by email.
     
    , Feb 13, 2007
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark
    Replies:
    4
    Views:
    1,164
    Rutger Smit
    Sep 15, 2004
  2. Shawn
    Replies:
    2
    Views:
    377
    =?Utf-8?B?RWx0b24gVw==?=
    Feb 19, 2006
  3. Big Daddy
    Replies:
    1
    Views:
    389
    Mark Fitzpatrick
    Nov 22, 2006
  4. bluebaron
    Replies:
    3
    Views:
    749
    Jonathan N. Little
    Nov 4, 2009
  5. Robert Wallace

    substitute two ore more with two or more

    Robert Wallace, Dec 31, 2003, in forum: Perl Misc
    Replies:
    1
    Views:
    107
    Big and Blue
    Dec 31, 2003
Loading...

Share This Page