locked
Terminate ASP session variables when browser crashes or is ended in task manager RRS feed

  • Question

  • User-161170395 posted

    I am working with asp.net web forms and using session variables in my application. I am trying to terminate or kill the browser sessions when the browser crashes or if the user ends the browser application from task manager. like any bank web site . I can terminate session on tab or browser close but not on killing browsers process from task manager.

    Thursday, February 4, 2016 1:01 PM

All replies

  • User1686483761 posted

    Hi akibs,

    killing browsers process from task manager.

    If you don't set the timeout property of the session, when you kill the browser process then the session variables or session data will anyways be lost.

    Friday, February 5, 2016 5:31 AM
  • User-986267747 posted

    Hi akibs,

    As web applications use http, and http is stateless, you can not know for sure what happens on client side, since there is no connection between client and server. The only thing that can be used to keep track of it is the session. And the session is kept by the server as long as it was set up to be kept, or the application is closing it.
    So if you want to close the session, you have to initiate it from the server. Thus the server side part of your application has to be notified about browser closure.

    I can terminate session on tab or browser close but not on killing browsers process from task manager.

    Deleting the session cookie on client side won't close the session on server side. You might try to catch events like leaving your site, closing a browser window, but this is only part of the situations how the user could leave your application: might loose network connection, kill the browser, browser might crash, and so on. These event will be never caught by your application. Thus you can not rely on client side. 

    Best Regards,

    Klein zhang

    Wednesday, February 17, 2016 6:37 AM
  • User753101303 posted

    Hi,

    You don't have that level of contorl on the client side (ie knowing that the browser crashed). Make sure also to make the difference between cleaning up server side and creating a new session. First more likely your bank web site doesn't store anything sensitive in session and if the browser crashes doesn't clean up anything server side. You'll just have a new session which starts when the browser is launched again and the previous session will stay alone until the session timeout expires.

    Tuesday, March 22, 2016 12:42 PM