Cookie handling in subsequent requests in same page

I'm creating my own (multi-threaded) ISAPI-based website in C++ and I'm trying to implement correct session management.

The problem is that when a new session should be created, the session is created twice when using subsequent requests in the generated web page.

Here's how it works:

- Client requests http://localhost and sends either no cookie or a cookie with an old session ID in it.
- Server looks at the session cookie and feels that it needs to create a new one because it no longer exists: it prepares a header with a cookie in it with a new session ID and sends the complete header to the client (I tracked this with the HTTP Live Headers plugin in Firefox and it is correct). It also prepares some data like the page and stuff like that (not yet body data, as it is still processing data from the database and stuff like that) and sends what it has back to the client.
- Client should have this new session cookie now, and sees the stylesheet link and immediately sends the stylesheet request http://localhost/css to my server. But... it still does this with the old session ID for some reason, not with the newly received one!
- Server sees this request (again with a no longer existing session ID), generates another new session and sends the new session ID with a cookie along with the stylesheet data.

So the client has received two session IDs now and will from now on keep using the second one as the first one is overwritten, but nevertheless the first page has used the wrong session (or actually, the second page has).

You could say that this is not a problem, but when I start using personalized stylesheets, I will have the wrong stylesheet on the first page and as the page will use AJAX to refresh the content (if available), it is possible that the stylesheet is never reloaded unless the client refreshes.

So, is this a problem that is always there when doing this kind of thing? Will the browser always send an old cookie although it has already received a new one but is still processing the page? Is this a problem that, for example, PHP also has?

Note: before all the discussions start about "use PHP instead" or something: I am rewriting a website that I had first written in PHP, it became popular, had thousands of (real) visitors every hour and started killing my server (the website doesn't make that kind of money that I can throw lots of servers at it). By writing it in C++, requests take 2ms instead of 200ms in PHP... I can optimize everything. By taking my time to develop this ISAPI correctly, it is safely multi-threaded and can be multi-processed, multi-servered. And most of all, I like the challenge.

Added note: It seems that the problem is only there when an old session exists in the cookies, because when I completely clear all cookies from my browser, and a new one is created and sent back to the client, the subsequent stylesheet request immediately uses the given session ID. This seems to be some kind of proof that I'm doing something wrong when an old session ID is sent... Should an existing cookie be deleted first? How?

Added note: The cookie is written with an expire-date one year ahead.