Is it safe to keep a session alive with an AJAX request?

I recently implemented a small JavaScript snippet on my main page that executes an AJAX request every 30 seconds to keep the session alive. I know that there are several questions regarding keep-alives, but I really could not find the answers to these specific questions.

My questions:

  • Can this be done? As in, will this have any adverse consequences if there are many simultaneous users / connections?

  • Is it possible to implement an extended timeout using this method or will I have to use cookies?

  • I don’t know much about cookies, but are they relatively acceptable for use now? Or will there be users who do not allow them, and will they be able to use my site?

Thanks everyone!

+6
2 answers
  • Yes, it is safe. As for the load, it’s up to your equipment and how you write it, but it is no worse than users refreshing the page (perhaps better, considering that the overhead of an AJAX call is less than that of a standard page load).
  • You can set a timeout in web.config if that is what you are asking for ...
  • This is a personal call for you to make. Cookies have their purpose, and I consider them acceptable as long as this is your domain, but understand that some people have disabled them, and therefore comes to a denial.

Some things to keep in mind:

  • Banks use the same methodology to keep your session alive while you are checking your finances, but usually show a pop-up window beforehand asking if you want to continue.
  • Keeping a user forcibly logged in longer than usual may pose a security risk (imagine that someone logs in on a library or school computer and leaves the desk; what if this session continues until the next day [or longer]?)
+7
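
The caveat in the answer above (a keep-alive that pings forever keeps an abandoned library or school computer logged in) can be handled by tying the ping to real user input, capping it, and showing a bank-style prompt before giving up. This is an added example, not code from the question or the answers; the `/session/keepalive` URL and all time limits are assumptions.

```javascript
// Added example. The endpoint path and every limit here are assumptions.
const POLICY = {
  pingEveryMs: 30 * 1000,            // the 30-second interval from the question
  promptAtMs: 13 * 60 * 1000,        // ask "still there?" after 13 idle minutes
  idleLimitMs: 15 * 60 * 1000,       // stop extending after 15 idle minutes
  maxSessionMs: 8 * 60 * 60 * 1000,  // absolute cap, however active the user is
};

// Pure decision for one timer tick: 'ping', 'prompt' or 'stop'.
function decide(now, startedAt, lastActivityAt, policy = POLICY) {
  if (now - startedAt >= policy.maxSessionMs) return 'stop';
  const idle = now - lastActivityAt;
  if (idle >= policy.idleLimitMs) return 'stop';
  if (idle >= policy.promptAtMs) return 'prompt';
  return 'ping';
}

// Browser wiring; call it once after login (needs document, window, fetch).
function startKeepAlive(url = '/session/keepalive', policy = POLICY) {
  const startedAt = Date.now();
  let lastActivityAt = startedAt;
  const touch = () => { lastActivityAt = Date.now(); };
  for (const ev of ['mousemove', 'keydown', 'click', 'touchstart']) {
    document.addEventListener(ev, touch, { passive: true });
  }
  const timer = setInterval(() => {
    const action = decide(Date.now(), startedAt, lastActivityAt, policy);
    if (action === 'stop') {
      clearInterval(timer); // no more pings: the server-side timeout ends the session
    } else if (action === 'prompt') {
      // Bank-style check, shown only after real idleness; "Cancel" stops the pings.
      if (window.confirm('Stay signed in?')) touch(); else clearInterval(timer);
    } else {
      fetch(url, { method: 'POST', credentials: 'same-origin' })
        .then((res) => { if (!res.ok) clearInterval(timer); }) // session rejected
        .catch(() => {}); // network error: try again on the next tick
    }
  }, policy.pingEveryMs);
  return timer;
}
```

The client only decides when to stop extending the session; the server-side timeout is what actually ends it once the pings stop.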

About cookies: they are very acceptable to use. Almost all sites store cookies for users; they should. There are users who do not allow them, but the programmer can overcome this by changing the security of the browser (there is a constitutional problem in this case). You can see if the cookie is saved in your browser.

0

Source: https://habr.com/ru/post/909790/

