Some browsers (Firefox, Chrome) by design do not clear session cookies when you close them if you have enabled some kind of session-restore setting (for example, in FF go to Options -> General -> When Firefox starts -> Show my windows and tabs from last time). This is a problem for our client (a government agency ...): while I have absolute control over the HTTP server, I have no control over the browser settings. Scenario: they are used to sharing computer accounts; however, they should not be able to exchange accounts on the Internet. Just closing the browser should kill the session, regardless of the browser settings.
Is there an elegant way to ensure this?
Currently, the only solution that comes to my mind is some kind of dead man's switch: change the cookies to live for only one minute (encrypted timestamp on the server side), and put a JavaScript "pinger" on each page that will, within the 20 minutes, ping a "session extension" handler on the server every one and a half minutes (the login session should be 20 minutes, with expiration).
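A server-side sketch of the dead man's switch described in the question, added here as an illustration and not code from the original post. The `LeaseSessions` class, its method names and the 90-second lease are assumptions; the page's pinger would call `ping` on a timer, and every real request would go through `authenticate`.

```javascript
const { randomBytes } = require("crypto");

// Assumed value, not from the post: how long a session survives without a ping.
const LEASE_MS = 90 * 1000;
// The 20-minute login session from the post, measured from the last real request.
const IDLE_MS = 20 * 60 * 1000;

class LeaseSessions {
  constructor(now = Date.now) {
    this.now = now;            // injectable clock so expiry can be tested
    this.sessions = new Map(); // session id -> { user, lastPing, lastActivity }
  }

  login(user) {
    const id = randomBytes(32).toString("hex"); // unguessable cookie value
    const t = this.now();
    this.sessions.set(id, { user, lastPing: t, lastActivity: t });
    return id;
  }

  // Returns the live session, or deletes it once either deadline has passed.
  live(id) {
    const s = this.sessions.get(id);
    if (!s) return null;
    const t = this.now();
    if (t - s.lastPing > LEASE_MS || t - s.lastActivity > IDLE_MS) {
      this.sessions.delete(id); // a restored cookie can never revive it
      return null;
    }
    return s;
  }

  // Background pinger: proves the page is still open, but is not user activity.
  ping(id) {
    const s = this.live(id);
    if (!s) return false;
    s.lastPing = this.now();
    return true;
  }

  // Real page request: renews the lease and resets the idle clock.
  authenticate(id) {
    const s = this.live(id);
    if (!s) return null;
    s.lastPing = s.lastActivity = this.now();
    return s.user;
  }
}
```

Because expiry is decided from server-side timestamps, a cookie that the browser restores after a restart points at a session that has already been deleted.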