Reputation: 19
How to Kill Session with help of javascript?
Is it possible to destroy session using java script? If yes how it can be done? I am using Asp.Net with C#.
Help Appreciated!
Thanks in advance
Upvotes: 0
Views: 2133
Answers (2)
Reputation:
Since JavaScript have no control over asp.net session, so you have to call server side code that manages with sessions.
you may call some page partially via ajax like
$.get('~/ClearForm.aspx');
Or you can also redirect to particular page that has session destroying code. for example on logout we redirects to logout page which destroys session.
Upvotes: 1
Reputation: 17771
If the cookie (that contains the session ID used to link the user to the session) is not HttpOnly, it can be unset in JavaScript.
function deletecookie(name) {
var expdate = new Date();
expdate.setTime(expdate.getTime() - 1);
document.cookie = name += "=; expires=" + expdate.toGMTString();
}
If it is HttpOnly (and generally, most authentication-related cookies should be!) then you cannot influence it from JavaScript. A good description of JavaScript/cookies is here.
Bear in mind that this is not destroying the session, it is merely breaking the user's link with it an effectively logging them out. If they have a record of the ID stored in the cookie, or third party has intercepted it, the session can be "resumed" (or reused) by including that cookie on the next request to your application.
A safer route would be to AJAX back the logout/session-destroy request to your application, and actually destroy the session server-side.
Upvotes: 2
Related Questions
- how to kill session from javascript
- OnClick Event To Close Session in ASP.NET
- Killing session when browser is closing
- Close/kill the session when the browser or tab is closed
- how to kill the session when user closed the browser without logout
- How to clear Session in JavaScript?
- how to kill a session that it exist
- ASP.NET Kill Session By Id
- Killing session value in Browser Close
- How to explicitely close session of the whole browser