[thelist] Free Tip - just discovered

Jason Handby jasonh at corestar.co.uk
Tue Aug 24 14:02:31 CDT 2004


>    Well, dangit, I thought you could do this!  I could've 
> sworn I saw that as an option; maybe it's not accessible from 
> the menus in IE6?
> 
>    Anyway, the general rule is that if you open a window 
> *from* a currently logged in window, the session will be 
> passed.  I was certain there was a way to change this via 
> Tools-->Internet Options-->Advanced (no idea about non-IE 
> browsers, but I can check them later).  If I find anything 
> more on this, I'll pass it along.

The ASP sessionid is stored in a nonpersistent cookie in the user's browser.
Iframes, popups, etc. are treated as part of the same session because they
share the same non-persistent cookies as the original window, and so they
send the same sessionid to the server.

I can't see how you'd change this behaviour from the browser; presumably
you'd have to change how the browser handled other windows having access to
nonpersistent cookies...?



Jason



More information about the thelist mailing list