How to detect that the same page is already opened in another window in IE

Question

Is there any way to check that my page is not opened in another tab or window in IE? Say I have Page1 and user hits "new window", which will open a new window with the same page opened. So now there are two instances of the page. I want to restrict the browser to only have one instance of the page opened at any given time.

One of the requirements is that users must be able to refresh the page and still be in the same state inside the application. So one-time tokens are not suitable.

Not sure that there is any way to distinguish between a page refresh and a new window opened, that's why I'm asking.

P.S. This is not for a normal website, and I understand that doing this usually would be intrusive and evil. There is a strong case to do this here, as it is a massive web application.

Answer 1

The only way I can think of is for each page to create a cookie identifying the page and its access-time, with an expiry time of only a few seconds or minutes (adjust to taste), and on-load of your site (or page-load) checking whether that cookie exists.

Psuedo-code:

if (cookie exists) {

Page already loaded in another tab/window.

}

else {

write cookie

}

Possiby you could use some form of session id, based on something non-unique. Perhaps with the user's IP address, user-name and salt? The downside of using the IP address alone is all users behind a router share that same address, the benefit of coupling it with username is that it's at least unique per-user and the salt is used for basic security (it might not be all that important to you, but it still seems like good practice), and prevents a user being locked out because they've 'got another window open' somewhere.

As above, check if the session id exists, and, if not, then create it.

As noted by @Spender, in the comments to your question and to another answer, any solution that implements this has at least the one problem of people not being allowed to refresh the page. Which a short cookie-time at least mitigates for, but not in a way that doesn't stop users being likely irritated.

---

Edited:

To deal with the need for page-refresh, I guess you could use the onUnload (or jQuery's .unload) to destroy the cookie, so that it's removed for the user leaving/refreshing the page.

The js that runs onUnload could be used to remove the session variable too, by Ajax, or just the cookie on the client-side.

Answer 2

The best way to implement this is by having a server side token (many banks do this) that is regenerated at each request and must be passed back for the pages to function.

So basically:

1. You append a generated token to each link (as a part of the query string)
2. Any request that you recieve that does not contain the token can be considered invalid.
3. Generate a new token at each request so that only 1 token is valid at any 1 time

Answer 3

Easy way to do it is to use windowName

window.open(windowURL, windowName, windowFeatures); 

assign it somethign unique and check it when the link is clicked to make sure that hasn't been open already.

this guy explains it realy good. - http://www.joemarini.com/tutorials/tutorialpages/window1.php