自动设置 cookie 值

发布于 2024-11-30 20:52:08 字数 403 浏览 0 评论 0原文

我面临着一个关于浏览器 cookie 值的非常奇怪的问题。 我正在使用 IE8,我想以这样的方式管理会话,当任何新用户尝试连接我的应用程序时,前一个实例应该自动关闭。

为此,我每次都会为每个用户的登录尝试设置 cookie 并递增。 现在这个场景在 IE6 中完美运行,但在 IE8 中我遇到了问题: 当用户第一次登录时,cookie值设置为ex 1。现在我打开另一个IE8窗口并使用cookie值2再次登录。现在,当我转到上一个实例时,cookie值也更改为2(应该是1 为设定)。

因此,应用程序的多个实例正在运行,这是不应该发生的。 此外,当我从 1 个实例注销时,另一个实例也会自动注销。 无论如何,我一次只需要一个实例。 (此方案在不同的浏览器(即 FF 和 IE)中完美运行,即在 IE/FF 中打开第一个实例,在 FF/IE 中打开第二个实例)。

I am facing a very strange issue regarding the cookie value of the browser.
I am using IE8 and I want to manage session in such a way that when any new user tries to connect my application, the previous instance should get closed automatically.

For this I am setting cookie every time for each user's login attempt and incrementing.
Now this scenario working perfectly in IE6 but in IE8 I am facing the issue:
when user first time log in, cookie value is set for ex 1. Now I am opening another IE8 window and login again with cookie value 2.Now when I go to previous instance, the cookie value is also changed to 2(which should be 1 as set).

So Multiple instances are running of the application which should not happen.
Also when I logout from 1 instance, another is automatically logged out.
I need only one instance at a time in any case.
(This scenario is working perfectly in different browser i.e FFs and IEs i.e opening 1st instance in IE/FF and second in FF/IE).

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

诗化ㄋ丶相逢 2024-12-07 20:52:09

原因是 IE 的两个实例都将 cookie 写入同一位置(cookie 只是硬盘驱动器上的文件)。虽然您的 Web 应用程序看起来像是两个不同的客户端,但从前端来看,当您从第二个窗口登录时,保存的 cookie 会覆盖之前的 cookie。现在,第一个实例只是看到新的 cookie 并将其愉快地发送到服务器。如果您手动编辑 cookie 文件,也会发生同样的情况。这不是一个错误——cookie 应该是这样工作的。请注意,如果您使用不同的计算机,则会显示您的预期行为。

为了防止来自同一台计算机和同一应用程序的多个同时会话,您可以使用不同的技术。例如,在客户端登录时,对登录时间戳进行哈希处理,并将此哈希值保存到用户帐户中。然后将此哈希值发送到每个页面,并让浏览器在请求新页面时将此哈希值发送回给您。在服务器上,将从客户端接收到的哈希值与针对用户帐户存储的哈希值进行比较。如果它们不匹配,那么您将在此窗口中注销该应用程序,因为显然已在另一个窗口中进行了另一次登录。这将适用于同一应用程序的多个选项卡/窗口,也适用于不同的窗口/计算机。我过去曾使用过这种技术。当然,它并不是完全万无一失的(没有什么是万无一失的),但它在我需要的所有情况下都有效。

The reason is that both instance of IE are writing cookies into the same location (cookies are just files on the hard drive). While it may seem like two different clients for your web app, from the front end, when you log in from the second window, the cookie is saved overwriting the previous cookie. Now the first instance just sees the new cookie and sends it happily to the server. The same would happen if you just go and manually edit the cookie file. This is not a bug - this is how cookies are supposed to work. Note that your intended behaviour would show if you use different computers.

To prevent multiple simultaneous sessions from the same computer and same app, you can use a different technique. For example, on client login, hash the login timestamp and save this hash against the user account. Then send this hash to each page and have the browser send this hash back to you when a new page is requested. On the server, compare the hash received from the client with the hash stored against the user account. If they do not match, then you log out the app in this window, since obviously another login has been done in another window. This will work with multiple tabs/windows of the same app and also across different windows/computers. I have used this technique in the past. Naturally, it's not completely foolproof (nothing is), but it worked in all the cases I needed.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文