Results 1 to 2 of 2

ColdFusion and Tabbed Browsing - session being shared - HELP!?

This is a discussion on ColdFusion and Tabbed Browsing - session being shared - HELP!? within the Programming forums, part of the Web Designing & Development category; We have an application that uses ColdFusion that has been working fine until a remote center was opened. People there ...

  1. #1
    Junior Member
    Join Date
    Jan 2008
    Posts
    1

    Default ColdFusion and Tabbed Browsing - session being shared - HELP!?

    We have an application that uses ColdFusion that has been working fine until a remote center was opened. People there do what they like with no supervision. Here's the issue:

    They open new tabs in IE6/7 which shares session amongst tabs. Now we have crossed sessions and a nightmare. Wish we could fire them all but... I want to be able to prevent tabs from opening (can't) but if I could detect some unique piece of information from each browser tab, I could add that to our existing code/database that determines if a user logins in more than once at a time.

    What is uniquely identifying about a tab in a browser that can be accessed by HTML/ColdFusion/ASP?
    Figured out a great way. Remember this is for a database application so multiple browser tabs (not app tabs) that share session are killers.

    Keeping a page by page security id that is randomly assigned and stored locally so that we can compare values and detect if someone refreshed (bad in database apps) or opened a new tab and pasted in url. Works like a charm when combined with turning off the right click functionality which prevents "open link in new tab". We're not out to make a pleasant experience for the business users; just stopping them from hacking the system.

  2. #2
    Junior Member jasontabler's Avatar
    Join Date
    Jan 2008
    Posts
    1

    Default

    I would say that the tabs aren't the problem, it is your application. If you add more error checking and sanity checks to your session state before writing to memory or the database, you'll probably be ok.

    I use multiple tabs in an application all the time. Sometimes I want to see my data and I want another tab open looking at some other data that I need for the current set.

    Don't worry, it's a pain, but adaption is better than trying to close down every new feature that comes about. In this case, your application should never break because of session racing because ColdFusion and every other web programming language has means for preventing and catching it.