DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 6 of 6
  1. #1
    Join Date
    Jan 2004

    IE 7 - Two Tabs, Same Session

    I have run into a problem that someone out there must have encountered. I make heavy use of session state variables in my vb.net code. I identify a transaction by placing its unique id in a session state variable (e.g., Session("TransactionID")). My problem is that some users (Internet Explorer 7) will open one transaction for processing in one tab and then open a second transaction in another IE7 tab. Opening the second tab does not create a new session; consequently, because the session variable can only contain one transaction id at a given time, the user flips back and forth between the two tabs and undesirable results occur.

    I'd be willing to prohibit them from opening the application in a second tab or even just informing them when they attempt it, but I don't know how to determine that the index page has been opened from the second tab. I should point out that I allow them to open the index page from other pages using hyperlink controls, so I can't just use something like Session.IsNewSession to determine if the session was previously opened or not.

    Thanks in advance........

  2. #2
    Join Date
    Sep 2007

    Yes, this is how IE7/IIS work when it comes to session state. I would suggest perhaps a different methoud for you that may work out better in the long run. What I would suggest is that you put the transactionID in the URL or on the page (hidden field) to access when posts/gets are made. This would allow the user to fire up as many transactions as they want and you can keep track of them on the server side. While keeping it in Session state is the ideal way to conceal it from the users it would solve your problem.

    As you have stated, another approach is to not allow for multiple windows in a session to be opened, though this is less user friendly and would not be something I would normally recommend unless specific applications needs dictated it.

    John Wiese
    ISV Architect Evangelist - Microsoft

  3. #3
    Join Date
    Jan 2004
    Thanks for the quick response. The problem I have with your suggestion regarding the hidden field approach is that the transaction id is only one of many session state variables I employ throughout the application. I think keeping track of all of them using hidden fields on the pages would be a logistical problem. The beauty of the session state is that I can set session state variables once and reference them when the user navigates from page to page; i.e., the values propogate throughout the entire application.

    Also, I don't understand what you mean by "..put the transactionID in the URL..."

    Do you know of any way I can interrogate who the caller (i.e., the last open page was) when a page is loaded? If I could somehow determine that the second instance of the index page was opened from the tab I could simply inform the user not to use multiple tabs and close the application (or something similar).

  4. #4
    Join Date
    Sep 2007
    Storing your form information in session state is not something I would recommend to begin with, and for the exact reason you are seeing. In the past this was less of an issue because users were less savvy about opening up new windows (CTRL-N) to be more productive. Now, with tabbed browsing more and more users are becoming this savvy and storing things in session is more of an issue. Here's a great blog post to read through:


    You could use the HTTPReferrer meta tag to see if there was a referrer or not. If it's blank, or not one of your applications pages then they came from another page or opened a new tab/window.


  5. #5
    Join Date
    Jan 2004


    Based on responses to my original post, I believe I have come up with an acceptable solution to determine if my home page has been opened from a second IE7 tab. I'm summarizing it here in case someone else encounters this problem.

    My application's home page opens based on one of three scenarios:

    1. A new window (i.e., session) opens.
    2. The home page is called from another page within my application. In this case, of course, a new session is not initiated.
    3. The home page opens because a user has opened the application from a second Internet Explorer tab. In this case also, a new session is not initiated.

    I use the following system/server variables to determine if the page is called from the second IE tab:


    I find that if the page opens when a new session is initiated (Case 1), Session.IsNewSession is true.
    If the page is opened from another page in the application (Case 2), Session.IsNewSession is false and Request.ServerVariables("HTTP_REFERER") has the URL of the calling page in it.
    If the home page is opened from the second IE tab (Case 3), Session.IsNewSession is false and Request.ServerVariables("HTTP_REFERER") is null. Testing for this third condition tells me it had to be opened from the second IE tab.

  6. #6
    Join Date
    Jul 2008
    If the home page is opened from the second IE tab (Case 3), Session.IsNewSession is false and Request.ServerVariables("HTTP_REFERER") is null. Testing for this third condition tells me it had to be opened from the second IE tab.
    Goodpointers GaryAF;

    But what will be the case if user open a tab go to the google search you site and then open the link. in this case session.isNew = false and Referer will not be null but user will be able to login.

    Any ideas..?

Similar Threads

  1. Problem getting session information
    By partyk1d24 in forum AJAX
    Replies: 2
    Last Post: 02-16-2007, 02:18 PM
  2. Replies: 1
    Last Post: 01-19-2002, 02:09 PM
  3. Replies: 0
    Last Post: 01-17-2002, 06:28 PM
  4. Session variable problems
    By Nate in forum Enterprise
    Replies: 2
    Last Post: 10-13-2000, 12:38 PM
  5. Session variable problems
    By Nate in forum ASP.NET
    Replies: 5
    Last Post: 09-01-2000, 03:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center
Latest Articles
Questions? Contact us.
Web Development
Latest Tips
Open Source

   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.