Cookies getting expired for SAFARI browser

**jhardman** · Apr 20 '10, 05:41 AM

Are you setting a timeout for your cookies? It occurs to me that the issue might just be that if there is no timeout value explicitly stated that Safari might use a shorter default.

Jared

**SwapnilD** · Apr 20 '10, 08:23 AM

Dear Jhardman,

Thanks for reply...

I'm not using explicit value for cookies to timeout, but I have created auto logout functionality. Which redirects user to the logout page where cookies gets expired and user gets logged out from the system if user has not refreshed page for 45 minutes.
But before doing this a pop up reminds user that you have not done anythng from last 40 minutes and will be logout from the parent window after 5 minutes(browser in which user has logged in), "Please refresh the browser".

These users are using SAFARI with MAC, opening diffrent pages of website in multiple tabs within a same browser and getting logged out from one of the tab hence getting error while refreshing the pages for other tabs.

Please review and reply ASAP.

SwapnilD

**jhardman** · Apr 20 '10, 01:28 PM

could you switch to using session variables rather than cookies? sometimes those are more secure.

Jared

**SwapnilD** · Apr 21 '10, 08:55 AM

No, I can't switch to session variables, the system is very wast and complex.
It is based on cookies and working in the same way from last 4 years.
Changing it to use session variables might create further issues.

**jhardman** · Apr 21 '10, 02:14 PM

Originally posted by SwapnilD

No, I can't switch to session variables, the system is very wast and complex.
It is based on cookies and working in the same way from last 4 years.
Changing it to use session variables might create further issues.

OK, then I suggest you add an explicit timeout. I think Safari is timing out early, and adding the explicit timeout should keep it going longer.

Code:

response.cookies("cookie1").timeout=dateadd("n",45,now())

Jared

**SwapnilD** · Apr 22 '10, 09:44 AM

Thanks for help.

Per your suggestion now I'm setting explicit timeout for the users those are having issues for all other users system will work as it was before.

But there is a small problem here, After adding the code mentioned by you.I have checked the timeout in SAFARI and it shows 9:00 PM while the time in my machine is 2:00 PM.
How should I take the client side time for cookies to set the timeout?

**jhardman** · Apr 22 '10, 10:41 PM

Originally posted by SwapnilD

Thanks for help.

Per your suggestion now I'm setting explicit timeout for the users those are having issues for all other users system will work as it was before.

But there is a small problem here, After adding the code mentioned by you.I have checked the timeout in SAFARI and it shows 9:00 PM while the time in my machine is 2:00 PM.
How should I take the client side time for cookies to set the timeout?

I think the time is supposed to be stored in GMT by default. Let me check...

**jhardman** · Apr 23 '10, 12:31 AM

Originally posted by jhardman

I think the time is supposed to be stored in GMT by default. Let me check...

it appears that the cookie will be stored in GMT, but the server will always interpret that in its local time zone. I tested it with a server one time zone away and an expiration in 10 minutes and I had no problems. You might need to test, but I bet you have it working just fine now.

Jared

**SwapnilD** · Apr 27 '10, 08:26 AM

Per your suggestion, how can I set cookie timeout in GMT. I'm using below mentioned code:

abCookie.Expire s = dateadd("n",5,n ow())

**jhardman** · Apr 27 '10, 01:38 PM

Originally posted by SwapnilD

Per your suggestion, how can I set cookie timeout in GMT. I'm using below mentioned code:

abCookie.Expire s = dateadd("n",5,n ow())

as far as I can figure, it will always be stored in GMT, it just isn't necessarily being shown in GMT. In other words, my server sets the expire time as 3pm Pacific which equals 10pm GMT. My browser records the time as 4 pm Mountain which equals 10 pm GMT. At 3:59 pm Mountain my cookies are still intact, but at 4:01 pm Mountain when I test, my cookies have expired. I don't need to set the time for 10 pm, I need to set my time for 3pm (the time on the server) to make that happen. Does this make sense? I made a test script to check, feel free to verify - even though the time may be displayed differently depending on the local time of the server, it is stored as GMT.

Jared

**SwapnilD** · Apr 27 '10, 04:41 PM

I think I have figured out the reason for this issue. After doing further analysis of system I found that there is a problem in some of the back buttons of the system and auto logout code that I have included to logout user if they don't refresh the page for 45 minutes.

In SAFARI browser I clicked a specific back button which logged me out.
This back button had a javascript code "Window.History .back(-1)" to return to the prevoius page due to which Auto logout code was unexpectedly executed as mentioned below.

Code:

(function() 
{
setTimeout('newWindow()',3000000);//Display warning 
setTimeout('logout()', 3600000);//Logout from the systems
}());

Now I have commented the logout code for SAFARI and used actual redirection code instead of History.back.

I have used "navigator.user Agent.indexOf(" Safari")==-1 " to detect if it is not safari browser but I get this condition true for CHROME also.

Below is the conditional code:

Code:

if (navigator.userAgent.indexOf("Safari")==-1 )
		{
			(function() 
			{
			setTimeout('newWindow()',3000000);
			setTimeout('logout()', 3600000);
			}());
		}

It should not be executed for SAFARI and should be executed for Chrome, FF and IE. It is working fine for IE and FF but not for chrome.
i.e.

Code:

 
value of navigator.userAgent.indexOf("Safari") in SAFARI is 103
value of navigator.userAgent.indexOf("Safari") in CHROME is 106
value of navigator.userAgent.indexOf("Safari") in IE,FF is -1.

Aditionally can you explain why the below mentioned lines are getting executed unexpectedly for SAFARI even if the timeout has not passed?

Code:

setTimeout('newWindow()',3000000);
setTimeout('logout()', 3600000);

**jhardman** · Apr 27 '10, 11:35 PM

Originally posted by SwapnilD

I think I have figured out the reason for this issue. After doing further analysis of system I found that there is a problem in some of the back buttons of the system and auto logout code that I have included to logout user if they don't refresh the page for 45 minutes.

In SAFARI browser I clicked a specific back button which logged me out.
This back button had a javascript code "Window.History .back(-1)" to return to the prevoius page due to which Auto logout code was unexpectedly executed as mentioned below.

Code:

(function() 
{
setTimeout('newWindow()',3000000);//Display warning 
setTimeout('logout()', 3600000);//Logout from the systems
}());

Now I have commented the logout code for SAFARI and used actual redirection code instead of History.back.

I have used "navigator.user Agent.indexOf(" Safari")==-1 " to detect if it is not safari browser but I get this condition true for CHROME also.

Below is the conditional code:

Code:

if (navigator.userAgent.indexOf("Safari")==-1 )
		{
			(function() 
			{
			setTimeout('newWindow()',3000000);
			setTimeout('logout()', 3600000);
			}());
		}

It should not be executed for SAFARI and should be executed for Chrome, FF and IE. It is working fine for IE and FF but not for chrome.
i.e.

Code:

 
value of navigator.userAgent.indexOf("Safari") in SAFARI is 103
value of navigator.userAgent.indexOf("Safari") in CHROME is 106
value of navigator.userAgent.indexOf("Safari") in IE,FF is -1.

Aditionally can you explain why the below mentioned lines are getting executed unexpectedly for SAFARI even if the timeout has not passed?

Code:

setTimeout('newWindow()',3000000);
setTimeout('logout()', 3600000);

OK, so the rest of the problem is Javascript. Go ahead and post this final question in the javascript forum.

Jared

**SwapnilD** · Apr 28 '10, 10:24 AM

Dear Jared,

Thanks a lot for all your help -:)

Swapnil

Cookies getting expired for SAFARI browser

Cookies getting expired for SAFARI browser

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment