Hi All,
I'm new in this forum, so maybe this topic was discussed exhaustively and somebody forward me to the source.
I'm writing a secure web application and It has to be modal, i.e. only
one window has to be available for user. When user opens a completely new browser window everything is ok, i handle this with no problems.
Situation is different when user press Ctrl+N. In this case there is no request to server at all, and new window obtain all cookies and session_id from the first one (while in first case of completly new browser window it doesn't obtain old session_id). So it seems that it is practically impossible to distinguish two windows from server side.
The only idea i have now is to send post var to each script, in this case IE will will request a refresh from new Ctrl+N window and i'll get control. But this variant seems gloomy to me.
I will appreciate any fresh idea from you all.
Ctrl+N window problem
Moderator: General Moderators
- hob_goblin
- Forum Regular
- Posts: 978
- Joined: Sun Apr 28, 2002 9:53 pm
- Contact:
try this:
put this at the top.
if that doesn't work, here is my idea, set a cookie on the previous page, check it at the scripts begining, and delete it at the end, if this cookie is not there, don't run the page...
Code: Select all
header("Cache-Control: no-store, no-cache, must-revalidate");if that doesn't work, here is my idea, set a cookie on the previous page, check it at the scripts begining, and delete it at the end, if this cookie is not there, don't run the page...
Yes,
I have this strign in my headers but this is not working.
IE shows up new window even without requesting a cache (perharps
it just duplicates its thread and => memory contents).
I will try your idea with window registration via cookies. Indeed javascript can check cookies corresponding to registered windows, but i have to try.
If somehow to forbid Ctrl+N at all, that would be great.
snx
I have this strign in my headers but this is not working.
IE shows up new window even without requesting a cache (perharps
it just duplicates its thread and => memory contents).
I will try your idea with window registration via cookies. Indeed javascript can check cookies corresponding to registered windows, but i have to try.
If somehow to forbid Ctrl+N at all, that would be great.
snx