tags:

views:

1094

answers:

1
+1  Q: 

Iframe keep-alive function - what is needed to reset the session timeout?

I have a hidden iframe that refreshes every now and then, in order to keep the ASP.NET session up and running, for as long as the user is online.

However, I have been getting reports of users experiencing session timeouts, so now I am in doubt of what is needed to reset the session timer.

The hidden iframe's content page (simple html page) refreshes itself at a certain interval, which is significantly less than the session timeout.

My question is: Is it enough (for the session timer to reset) to let the page refresh itself, even when the server responds with a HTTP/1.x 304 Not Modified?

Is it simply the GET request itself that tells the webserver to reset the session timer?

Or do I need to make sure to actually fetch the page and receive a HTTP/1.x 200 OK response?

+1  A: 

All you have to do to keep the session alive is send a request to a page from the current session. You can do this via iframes, or via ajax.

If you simply refresh the page in the IFrame, the response may be a cached one - thus the 304. You have to send a fresh request every time - 

var url = "http://domain.com/defibrillator.aspx?" + (new Date()).getTime();

E.g.

http://domain.com/defibrillator.aspx?1556467987987
http://domain.com/defibrillator.aspx?5448796497878
http://domain.com/defibrillator.aspx?4123165487987
....

EDIT 1

Or you can use the Refresh HTTP header attribute.


EDIT 1.1

If you are using the codeproject article mentioned above, then try to model it using AJAX instead of iframes - it would save you a few bytes of extra iframe markup.


EDIT 2 - About HTTP 304 Not Modified

If the client has performed a conditional GET request and access is allowed, but the document has not been modified, the server SHOULD respond with this status code. The 304 response MUST NOT contain a message-body, and thus is always terminated by the first empty line after the header fields.

This means that the request hasn't reached the ASP.NET pipeline, and has directly been served by IIS itself. ASP.NET environment doesn't know that a request has been made. So, it won't perform the session renewal.

Kirtan  2009-08-13 09:33:27
Do I read your answer correctly?: Are you saying that a request, which response is a cached one (a 304), will not refresh the ASP.NET session timer? This is exactly the core of my question, so please forgive me for being so explicit.
Sebastian  2009-08-13 10:18:40
Brilliant. This explains why, in this specific project, users are experiencing timeouts - other projects I've worked on, has had a different caching approach, often "no caching".Thank you very much.
Sebastian  2009-08-13 10:42:06

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps