How to Kill Session with help of javascript?
Question
Is it possible to destroy session using java script? If yes how it can be done? I am using Asp.Net with C#.
Help Appreciated!
Thanks in advance
2 answers
solution1
2 2012-10-25 11:40:52
If the cookie (that contains the session ID used to link the user to the session) is not HttpOnly , it can be unset in JavaScript.
function deletecookie(name) {
var expdate = new Date();
expdate.setTime(expdate.getTime() - 1);
document.cookie = name += "=; expires=" + expdate.toGMTString();
}
If it is HttpOnly (and generally, most authentication-related cookies should be!) then you cannot influence it from JavaScript. A good description of JavaScript/cookies is here .
Bear in mind that this is not destroying the session, it is merely breaking the user's link with it an effectively logging them out. If they have a record of the ID stored in the cookie, or third party has intercepted it, the session can be "resumed" (or reused) by including that cookie on the next request to your application.
A safer route would be to AJAX back the logout/session-destroy request to your application, and actually destroy the session server-side.
solution2
1 2012-10-28 14:50:58
Since JavaScript have no control over asp.net session, so you have to call server side code that manages with sessions.
you may call some page partially via ajax like
$.get('~/ClearForm.aspx');
Or you can also redirect to particular page that has session destroying code. for example on logout we redirects to logout page which destroys session.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.