session lost when opening new window via javascript

T

Tony G.

Hi there,

I have an APS 3 application, running on a Windows 2003 Web edition server -
it is a very busy website, and when users are click on certain links
(membership info), a new window i opened via javascript.

This new window is on the SAME website as where the user is located, but
just opened in HTTPS (secure) mode - the user can now examine memberhip terms
and continue to buy membership.

And this works fine, and hundreds of times each day this page i opened and
used - but sometimes when a user opens this page, his session is lost ?!!?

On all links (in javascript) that opens this window, I have embedded the
current user ID in the URL string (as debug), and every single time the
window opens, an active a user ID is present - so when they click on the
link, they have a user ID - but when the window is opened, sometimes the
session is lost.

Any idea why this happens ? I have debugged and debugged to see if there is
any pattern, but sadly there isn't ...

Can anyone help me, please ?


Regards,
Tony Fonager

Denmark
 
A

Adrienne

Gazing into my crystal ball I observed "=?Utf-8?B?VG9ueSBHLg==?=" <Tony
(e-mail address removed)> writing in
Hi there,

I have an APS 3 application, running on a Windows 2003 Web edition
server - it is a very busy website, and when users are click on certain
links (membership info), a new window i opened via javascript.

This new window is on the SAME website as where the user is located,
but just opened in HTTPS (secure) mode - the user can now examine
memberhip terms and continue to buy membership.

And this works fine, and hundreds of times each day this page i opened
and used - but sometimes when a user opens this page, his session is
lost ?!!?

On all links (in javascript) that opens this window, I have embedded
the current user ID in the URL string (as debug), and every single time
the window opens, an active a user ID is present - so when they click
on the link, they have a user ID - but when the window is opened,
sometimes the session is lost.

Any idea why this happens ? I have debugged and debugged to see if
there is any pattern, but sadly there isn't ...

Can anyone help me, please ?

I would suspect something to do with javascript. Have you tested it with
javascript turned off? Are you sure that the javascript is working on all
modern browsers? You might run into problems if you're doing something like
<a href="javascript:function()"> because javascript is not a valid URI
scheme, and some browsers, Opera for example, will not recognize it.
 
T

Tony G.

Thanks for the answer!

I am pretty sure that it has NOTHING to do with the javascript open window
command, for several reasons. The only thing the javascript does, is to open
a new window - and this window IS actually being opened, in the cases where I
have problems, as my debugging begins AFTER the window has been opened and
loaded ...

If javascript is turned off, the window would not open at all, right ?

This is the javascript function :

var win = null;
function newWindowPayment(mypage,myname,w,h,scroll)
{
LeftPosition = (screen.width) ? (screen.width-w)/2 : 0;
TopPosition = (screen.height) ? (screen.height-h)/2 : 0;
settings = 'height='+h+',width='+w+',top=' +
TopPosition+',left='+LeftPosition+',scrollbars='+scroll+',status=yes'
win = window.open(mypage,myname,settings)
if(win.window.focus)
{
win.window.focus();
}
}

My debugging tells me that it happens on very moderns browsers as well, that
is IE 6 and so forth ...


Regards,
Tony
 
T

Tony G.

But if session is lost when changing from HTTP to HTTPS, this would happen
for all users, right ?

But it doesn't ... this only happens for 1%, maybe ... the rest 99% KEEPS
their session state, and continues buying their membership ... so this is a
bit strange ...

Regards,
Tony
 
M

Mark Schupp

It could be a browser security setting or a "bug fix" in a browser version.
In the past, you could switch from http to https if the pages were in the
same virtual directory. I haven't tested this in a long time.

If could also be the generic "lost session in new browser window" (not
related to HTTP/HTTPS transition). See
here:http://www.aspfaq.com/show.asp?id=2172

Have you tried going to the HTTPS page in your main browser window instead
of a popup?

Our application depends heavily on sessions being available in popup windows
and we have not had any problems reported since IE4. However, if you are
experiencing enough problems to cause concern then you will probably be
better off using transfering data between your pages using a database or
hidden form fields.
 
T

Tony G.

That link was VERY interesting - I think I will try not relying on same
sessions being used, and recode the system.

Thanks alot!!

-
Regards,
TOny
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,904
Latest member
HealthyVisionsCBDPrice

Latest Threads

Top