session lost when opening new window via javascript

Discussion in 'ASP General' started by Tony G., Jan 15, 2005.

  1. Tony G.

    Tony G. Guest

    Hi there,

    I have an APS 3 application, running on a Windows 2003 Web edition server -
    it is a very busy website, and when users are click on certain links
    (membership info), a new window i opened via javascript.

    This new window is on the SAME website as where the user is located, but
    just opened in HTTPS (secure) mode - the user can now examine memberhip terms
    and continue to buy membership.

    And this works fine, and hundreds of times each day this page i opened and
    used - but sometimes when a user opens this page, his session is lost ?!!?

    On all links (in javascript) that opens this window, I have embedded the
    current user ID in the URL string (as debug), and every single time the
    window opens, an active a user ID is present - so when they click on the
    link, they have a user ID - but when the window is opened, sometimes the
    session is lost.

    Any idea why this happens ? I have debugged and debugged to see if there is
    any pattern, but sadly there isn't ...

    Can anyone help me, please ?


    Regards,
    Tony Fonager

    Denmark
     
    Tony G., Jan 15, 2005
    #1
    1. Advertising

  2. Tony G.

    Adrienne Guest

    Gazing into my crystal ball I observed "=?Utf-8?B?VG9ueSBHLg==?=" <Tony
    > writing in
    news::

    > Hi there,
    >
    > I have an APS 3 application, running on a Windows 2003 Web edition
    > server - it is a very busy website, and when users are click on certain
    > links (membership info), a new window i opened via javascript.
    >
    > This new window is on the SAME website as where the user is located,
    > but just opened in HTTPS (secure) mode - the user can now examine
    > memberhip terms and continue to buy membership.
    >
    > And this works fine, and hundreds of times each day this page i opened
    > and used - but sometimes when a user opens this page, his session is
    > lost ?!!?
    >
    > On all links (in javascript) that opens this window, I have embedded
    > the current user ID in the URL string (as debug), and every single time
    > the window opens, an active a user ID is present - so when they click
    > on the link, they have a user ID - but when the window is opened,
    > sometimes the session is lost.
    >
    > Any idea why this happens ? I have debugged and debugged to see if
    > there is any pattern, but sadly there isn't ...
    >
    > Can anyone help me, please ?
    >
    >


    I would suspect something to do with javascript. Have you tested it with
    javascript turned off? Are you sure that the javascript is working on all
    modern browsers? You might run into problems if you're doing something like
    <a href="javascript:function()"> because javascript is not a valid URI
    scheme, and some browsers, Opera for example, will not recognize it.


    --
    Adrienne Boswell
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
     
    Adrienne, Jan 15, 2005
    #2
    1. Advertising

  3. Tony G.

    Tony G. Guest

    Thanks for the answer!

    I am pretty sure that it has NOTHING to do with the javascript open window
    command, for several reasons. The only thing the javascript does, is to open
    a new window - and this window IS actually being opened, in the cases where I
    have problems, as my debugging begins AFTER the window has been opened and
    loaded ...

    If javascript is turned off, the window would not open at all, right ?

    This is the javascript function :

    var win = null;
    function newWindowPayment(mypage,myname,w,h,scroll)
    {
    LeftPosition = (screen.width) ? (screen.width-w)/2 : 0;
    TopPosition = (screen.height) ? (screen.height-h)/2 : 0;
    settings = 'height='+h+',width='+w+',top=' +
    TopPosition+',left='+LeftPosition+',scrollbars='+scroll+',status=yes'
    win = window.open(mypage,myname,settings)
    if(win.window.focus)
    {
    win.window.focus();
    }
    }

    My debugging tells me that it happens on very moderns browsers as well, that
    is IE 6 and so forth ...


    Regards,
    Tony

    "Adrienne" wrote:

    > Gazing into my crystal ball I observed "=?Utf-8?B?VG9ueSBHLg==?=" <Tony
    > > writing in
    > news::
    >
    > > Hi there,
    > >
    > > I have an APS 3 application, running on a Windows 2003 Web edition
    > > server - it is a very busy website, and when users are click on certain
    > > links (membership info), a new window i opened via javascript.
    > >
    > > This new window is on the SAME website as where the user is located,
    > > but just opened in HTTPS (secure) mode - the user can now examine
    > > memberhip terms and continue to buy membership.
    > >
    > > And this works fine, and hundreds of times each day this page i opened
    > > and used - but sometimes when a user opens this page, his session is
    > > lost ?!!?
    > >
    > > On all links (in javascript) that opens this window, I have embedded
    > > the current user ID in the URL string (as debug), and every single time
    > > the window opens, an active a user ID is present - so when they click
    > > on the link, they have a user ID - but when the window is opened,
    > > sometimes the session is lost.
    > >
    > > Any idea why this happens ? I have debugged and debugged to see if
    > > there is any pattern, but sadly there isn't ...
    > >
    > > Can anyone help me, please ?
    > >
    > >

    >
    > I would suspect something to do with javascript. Have you tested it with
    > javascript turned off? Are you sure that the javascript is working on all
    > modern browsers? You might run into problems if you're doing something like
    > <a href="javascript:function()"> because javascript is not a valid URI
    > scheme, and some browsers, Opera for example, will not recognize it.
    >
    >
    > --
    > Adrienne Boswell
    > http://www.cavalcade-of-coding.info
    > Please respond to the group so others can share
    >
     
    Tony G., Jan 16, 2005
    #3
  4. Tony G.

    Tim Williams Guest

    As far as I recall it's *normal* to lose session state when switching
    from http to https, since the browser sees these as different domains.

    possible solution for you here:
    http://groups-beta.google.com/group..._doneTitle=Back to Search&&d#6c1a5dcea55782d8

    Tim.


    "Tony G." <Tony > wrote in message
    news:...
    > Hi there,
    >
    > I have an APS 3 application, running on a Windows 2003 Web edition
    > server -
    > it is a very busy website, and when users are click on certain links
    > (membership info), a new window i opened via javascript.
    >
    > This new window is on the SAME website as where the user is located,
    > but
    > just opened in HTTPS (secure) mode - the user can now examine
    > memberhip terms
    > and continue to buy membership.
    >
    > And this works fine, and hundreds of times each day this page i
    > opened and
    > used - but sometimes when a user opens this page, his session is
    > lost ?!!?
    >
    > On all links (in javascript) that opens this window, I have embedded
    > the
    > current user ID in the URL string (as debug), and every single time
    > the
    > window opens, an active a user ID is present - so when they click on
    > the
    > link, they have a user ID - but when the window is opened, sometimes
    > the
    > session is lost.
    >
    > Any idea why this happens ? I have debugged and debugged to see if
    > there is
    > any pattern, but sadly there isn't ...
    >
    > Can anyone help me, please ?
    >
    >
    > Regards,
    > Tony Fonager
    >
    > Denmark
     
    Tim Williams, Jan 16, 2005
    #4
  5. Tony G.

    Tony G. Guest

    But if session is lost when changing from HTTP to HTTPS, this would happen
    for all users, right ?

    But it doesn't ... this only happens for 1%, maybe ... the rest 99% KEEPS
    their session state, and continues buying their membership ... so this is a
    bit strange ...

    Regards,
    Tony

    "Tim Williams" wrote:

    > As far as I recall it's *normal* to lose session state when switching
    > from http to https, since the browser sees these as different domains.
    >
    > possible solution for you here:
    > http://groups-beta.google.com/group..._doneTitle=Back to Search&&d#6c1a5dcea55782d8
    >
    > Tim.
    >
    >
    > "Tony G." <Tony > wrote in message
    > news:...
    > > Hi there,
    > >
    > > I have an APS 3 application, running on a Windows 2003 Web edition
    > > server -
    > > it is a very busy website, and when users are click on certain links
    > > (membership info), a new window i opened via javascript.
    > >
    > > This new window is on the SAME website as where the user is located,
    > > but
    > > just opened in HTTPS (secure) mode - the user can now examine
    > > memberhip terms
    > > and continue to buy membership.
    > >
    > > And this works fine, and hundreds of times each day this page i
    > > opened and
    > > used - but sometimes when a user opens this page, his session is
    > > lost ?!!?
    > >
    > > On all links (in javascript) that opens this window, I have embedded
    > > the
    > > current user ID in the URL string (as debug), and every single time
    > > the
    > > window opens, an active a user ID is present - so when they click on
    > > the
    > > link, they have a user ID - but when the window is opened, sometimes
    > > the
    > > session is lost.
    > >
    > > Any idea why this happens ? I have debugged and debugged to see if
    > > there is
    > > any pattern, but sadly there isn't ...
    > >
    > > Can anyone help me, please ?
    > >
    > >
    > > Regards,
    > > Tony Fonager
    > >
    > > Denmark

    >
    >
    >
     
    Tony G., Jan 16, 2005
    #5
  6. Tony G.

    Mark Schupp Guest

    It could be a browser security setting or a "bug fix" in a browser version.
    In the past, you could switch from http to https if the pages were in the
    same virtual directory. I haven't tested this in a long time.

    If could also be the generic "lost session in new browser window" (not
    related to HTTP/HTTPS transition). See
    here:http://www.aspfaq.com/show.asp?id=2172

    Have you tried going to the HTTPS page in your main browser window instead
    of a popup?

    Our application depends heavily on sessions being available in popup windows
    and we have not had any problems reported since IE4. However, if you are
    experiencing enough problems to cause concern then you will probably be
    better off using transfering data between your pages using a database or
    hidden form fields.

    --
    Mark Schupp
    Head of Development
    Integrity eLearning
    www.ielearning.com


    "Tony G." <Tony > wrote in message
    news:...
    > But if session is lost when changing from HTTP to HTTPS, this would happen
    > for all users, right ?
    >
    > But it doesn't ... this only happens for 1%, maybe ... the rest 99% KEEPS
    > their session state, and continues buying their membership ... so this is

    a
    > bit strange ...
    >
    > Regards,
    > Tony
    >
    > "Tim Williams" wrote:
    >
    > > As far as I recall it's *normal* to lose session state when switching
    > > from http to https, since the browser sees these as different domains.
    > >
    > > possible solution for you here:
    > >

    http://groups-beta.google.com/group..._doneTitle=Back to Search&&d#6c1a5dcea55782d8
    > >
    > > Tim.
    > >
    > >
    > > "Tony G." <Tony > wrote in message
    > > news:...
    > > > Hi there,
    > > >
    > > > I have an APS 3 application, running on a Windows 2003 Web edition
    > > > server -
    > > > it is a very busy website, and when users are click on certain links
    > > > (membership info), a new window i opened via javascript.
    > > >
    > > > This new window is on the SAME website as where the user is located,
    > > > but
    > > > just opened in HTTPS (secure) mode - the user can now examine
    > > > memberhip terms
    > > > and continue to buy membership.
    > > >
    > > > And this works fine, and hundreds of times each day this page i
    > > > opened and
    > > > used - but sometimes when a user opens this page, his session is
    > > > lost ?!!?
    > > >
    > > > On all links (in javascript) that opens this window, I have embedded
    > > > the
    > > > current user ID in the URL string (as debug), and every single time
    > > > the
    > > > window opens, an active a user ID is present - so when they click on
    > > > the
    > > > link, they have a user ID - but when the window is opened, sometimes
    > > > the
    > > > session is lost.
    > > >
    > > > Any idea why this happens ? I have debugged and debugged to see if
    > > > there is
    > > > any pattern, but sadly there isn't ...
    > > >
    > > > Can anyone help me, please ?
    > > >
    > > >
    > > > Regards,
    > > > Tony Fonager
    > > >
    > > > Denmark

    > >
    > >
    > >
     
    Mark Schupp, Jan 17, 2005
    #6
  7. Tony G.

    Tony G. Guest

    That link was VERY interesting - I think I will try not relying on same
    sessions being used, and recode the system.

    Thanks alot!!

    -
    Regards,
    TOny

    "Mark Schupp" wrote:

    > It could be a browser security setting or a "bug fix" in a browser version.
    > In the past, you could switch from http to https if the pages were in the
    > same virtual directory. I haven't tested this in a long time.
    >
    > If could also be the generic "lost session in new browser window" (not
    > related to HTTP/HTTPS transition). See
    > here:http://www.aspfaq.com/show.asp?id=2172
    >
    > Have you tried going to the HTTPS page in your main browser window instead
    > of a popup?
    >
    > Our application depends heavily on sessions being available in popup windows
    > and we have not had any problems reported since IE4. However, if you are
    > experiencing enough problems to cause concern then you will probably be
    > better off using transfering data between your pages using a database or
    > hidden form fields.
    >
    > --
    > Mark Schupp
    > Head of Development
    > Integrity eLearning
    > www.ielearning.com
    >
     
    Tony G., Jan 17, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Patrick Olurotimi Ige

    Closing child window when opening a new Window

    Patrick Olurotimi Ige, Dec 14, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    448
    Patrick Olurotimi Ige
    Dec 14, 2004
  2. POL8985
    Replies:
    1
    Views:
    561
    Kevin Spencer
    Jan 31, 2005
  3. UJ
    Replies:
    2
    Views:
    7,525
    John Timney \(ASP.NET MVP\)
    Jun 27, 2005
  4. Clara
    Replies:
    6
    Views:
    593
    Clara
    Apr 25, 2005
  5. DigitalFusion

    Session Lost when opening Word Doc

    DigitalFusion, Sep 1, 2006, in forum: ASP General
    Replies:
    2
    Views:
    103
    Michaelk
    Sep 10, 2006
Loading...

Share This Page