So I have a website where I use session start and end events to track and limit open instances of our web application, even on the same computer. On page unload i call a session enabled page method which then called session.abandon.
This triggers session end event and clears the session variable but unfortunately does not kill the session cookie!! as a result if other browser instances are open there are problems because their session state just disappeared...and much worse than this when I open the site again with the zombie session still not expired, I get multiple session start and session end events on any subsequent postbacks. This happens on all browsers. so how do I truly kill the session (force the cookie to expire)