
Google Chrome Session Cookie's Workaround

I recently found out that if someone checks "Continue where I left Off" in Chrome, cookies and sessionStorage persist between browser restarts. In addition, some threads talk about Chrome background processes staying open even after you shut down the browser. And thread after thread after thread from Stack Overflow and many other websites has many people asking the same question, but no one actually posting a real solution to the problem. See "Chrome not clearing SESSION COOKIES on close/exit".

I thought maybe I could detect them shutting down the window/tab, but this doesn't work either: "javascript detect browser close tab/close browser"

I checked on the issue in Chrome, figuring someone had reported it by now and found that they have no plans to fix this: https://bugs.chromium.org/p/chromium/issues/detail?id=128513

Also see here: Chrome doesn't delete session cookies

Using sessionStorage in JavaScript will also persist between closes of tabs and windows if "Continue where I left Off" is checked, and I can't expect the end user to change that setting.

The internet still carries on so I'm wondering what the fix to this problem is?

One article I read said they started setting the expiration date of their cookies to 1 hour: http://erlycoder.com/111/google-chrome-session-cookie-expiration-issue-feature-your-personal-data-is-insecure-now-

Sure, I can set expiration dates on my cookies, but even if I set the value to say '1 Hour', if the user closes the tab and re-opens it inside of an hour then problems arise.

Suggestions?

Taking from other posts on Stack Overflow, as well as taking the comments on my question about re-working the app, I combined some posts to clear cookies and the session variables after 1 hour.

Credit:

  • How do I expire a PHP session after 30 minutes?
  • Best way to completely destroy a session - even if the browser is not closed
  • http://php.net/manual/en/function.setcookie.php

    // Assumes session_start() has already been called on this page.
    if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) {
        // Expire the session cookie itself.
        if (ini_get("session.use_cookies")) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $params["path"], $params["domain"],
                $params["secure"], $params["httponly"]
            );
        }
        // Expire every other cookie the browser sent with this request.
        if (isset($_SERVER['HTTP_COOKIE'])) {
            $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
            foreach ($cookies as $cookie) {
                $parts = explode('=', $cookie);
                $name = trim($parts[0]);
                setcookie($name, '', time() - 1000);
                setcookie($name, '', time() - 1000, '/');
            }
        }
        session_unset();
        session_destroy();
        echo '<script>window.location= "login.php?pre_action=session_expired";</script>';
        exit; // stop here so the rest of the protected page is not rendered
    }
    $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
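One way to enforce the one-hour idle limit entirely on the server, so that it holds even when Chrome restores the session cookie after a restart. This is an added example, not code from the original post; the function names `classify_session` and `enforce_session_limits`, the `CREATED` key and the 8-hour absolute cap are assumptions.

```php
<?php
// Added example: server-side idle and absolute session limits.
// Function names, the CREATED key and ABSOLUTE_LIMIT are assumptions.
const IDLE_LIMIT = 3600;       // seconds without a request (the 1 hour used above)
const ABSOLUTE_LIMIT = 28800;  // assumed hard cap on total session age (8 hours)

/** Pure decision on stored timestamps: 'new', 'expired' or 'active'. */
function classify_session(array $session, int $now): string
{
    if (!isset($session['CREATED'], $session['LAST_ACTIVITY'])) {
        return 'new';
    }
    $idle = $now - $session['LAST_ACTIVITY'];
    $age  = $now - $session['CREATED'];
    return ($idle > IDLE_LIMIT || $age > ABSOLUTE_LIMIT) ? 'expired' : 'active';
}

/** Call at the top of every protected page, before any output is sent. */
function enforce_session_limits(): void
{
    session_start();
    $now   = time();
    $state = classify_session($_SESSION, $now);
    if ($state === 'expired') {
        $_SESSION = [];                       // drop server-side data first
        if (ini_get('session.use_cookies')) { // then expire the session cookie
            $p = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $p['path'], $p['domain'], $p['secure'], $p['httponly']);
        }
        session_destroy();
        header('Location: login.php?pre_action=session_expired');
        exit;                                 // nothing below runs for a stale session
    }
    if ($state === 'new') {
        session_regenerate_id(true);          // fresh ID when tracking begins
        $_SESSION['CREATED'] = $now;
    }
    $_SESSION['LAST_ACTIVITY'] = $now;
}

// Constructed sample data, printed only when run from the command line.
if (PHP_SAPI === 'cli') {
    echo classify_session(['CREATED' => 0, 'LAST_ACTIVITY' => 1000], 8200), PHP_EOL;
    echo classify_session(['CREATED' => 0, 'LAST_ACTIVITY' => 30000], 30100), PHP_EOL;
}
```

Because the decision is made from timestamps stored in the server-side session, it does not depend on whether the browser discarded the cookie when it was closed.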
