禁用不同选项卡上的导航,浏览器的多个实例
[英]Disable navigation on different tabs, multiple instances of browser
问题描述
Assumption: 
假设:
I'm working on an ASP.NET MVC 4 application, where I use a form authentication to authenticate my users. 我正在使用ASP.NET MVC 4应用程序,在这里我使用表单身份验证来验证我的用户。
When one of users is logged in my web application, he can navigate anywhere and perform all operations that my web application let him do. 当一个用户登录我的Web应用程序时,他可以导航到任何地方并执行我的Web应用程序允许他执行的所有操作。
Considering that my web application interacts with other third party system, each user action could involve in a potential dangerous situation. 考虑到我的Web应用程序与其他第三方系统交互,每个用户操作都可能涉及潜在的危险情况。
Example of Situation: the user opens two tabs in IE, goes in the same page in which he can perform an Update operation (which is immediatly sended to the third party system), and perform an Edit action in two different moments. 情况示例:用户在IE中打开两个选项卡,进入同一页面,在该页面中他可以执行更新操作(立即发送到第三方系统),并在两个不同的时刻执行编辑操作。
Indipendently of the third party system's behavior, in case of similar situations, my web application shouldn't permit the user to perform this actions. 与第三方系统的行为无关,在类似情况下,我的Web应用程序不应允许用户执行此操作。
Goal 目标
What I want to do is a UI control that redirects the user when he tries to navigate the same page for the second time (before he leave the first page). 我想做的是一个UI控件,当用户第二次尝试导航同一页面时(在离开第一页之前),该控件将重定向用户。
I already thought about tracing each user's access to each page. 我已经考虑过跟踪每个用户对每个页面的访问。
To do this, I think to make an AJAX call to my Controller (in MVC) on document.ready event and on window.onbeforeunload event. 为此,我想在document.ready事件和window.onbeforeunload事件中对我的控制器(在MVC中)进行AJAX调用。 At each event, my Controller should read and write user's data in a database table. 在每次事件中,我的控制器都应在数据库表中读取和写入用户的数据。
I noticed that once an user is logged through form authentication, he shares session information over different tabs and browser instances (as long as at least one is open). 我注意到,一旦用户通过表单身份验证登录,他就会在不同的选项卡和浏览器实例上共享会话信息(只要至少打开了一个)。
Are there any differences, in terms of information, that I can intercept, when a user navigates over different tabs or browser instances ? 当用户在不同的选项卡或浏览器实例上导航时,在信息方面,我可以拦截任何差异吗?
Is it possible to do what I want, without using frameworks like SignalR ( in which I'm not an expert ) ? 是否可以在不使用SignalR之类的框架下做我想做的事情( 我不是专家 )?
1 个解决方案
解决方案1
0 2015-05-08 12:12:10
I think you are going about this the wrong way. 我认为您正在以错误的方式进行操作。 Instead of trying to do this on the client side, you need to be doing something inside the update to detect and prevent a duplicate operation. 无需尝试在客户端执行此操作,您需要在更新内执行一些操作以检测并防止重复操作。
How you would go about this really depends on how you've structured the internals of your application. 实际情况取决于您如何构造应用程序的内部结构。
For example, you could track the update operations that are performed by a user, and ensure that only a single update operation can be performed. 例如,您可以跟踪用户执行的更新操作,并确保只能执行一个更新操作。
If the user has already performed the update, your POST action can perform the redirect that you mention doing via Ajax. 如果用户已经执行了更新,则POST操作可以执行您提到的通过Ajax执行的重定向。
Whilst SignalR could be used in a way to attempt to prevent the double update, it would be trivial for a user to bypass this mechanism. 虽然SignalR可以以某种方式来尝试防止双重更新,但对于用户而言,绕过该机制将是微不足道的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.