views:

6827

answers:

7

How can I clear current session data (cookies, cached data, auth sessions, etc) without restarting the application?

Update: I'm talking about WebBrowser control in Windows.Forms, not the ASP.Net session.

A: 

I would dispose of the WebBrowser control and re-add a new one to the form.

There might be a method to do this through the Document instance that is exposed (since that is what will have the cookie information), but I haven't found how to do it yet (and you would have to do it through COM interop as well if such a method existed).

casperOne
A: 

You have to realise that the way "session state" is tracked, from the point of view of a web server, is by giving the client browser a cookie with a session-id in it. When the browser posts back to the server, that cookie allows the server to associate the request with a stored session state.

So the solution is to clear the cookies of the webBrowser control. Eg webBrowser1.Document.Cookies = "", that should work I think.

ASP.NET also has what it calls "cookieless sessions", which work by adding the session id to the url. So if that's the mechanism used by the server, you could try to filter that out of the url. But you won't see that much, it's mostly the cookie based session state.

Ilya Tchivilev
+1  A: 

webBrowser1.Document.Cookies = "" won't work. This call will not clear the cookie. webBrowser1.Document.Cookies = just works as document.cookie in javascript. You should find the cookie you want to clear, sa 'Session', use webBrowser1.Document.Cookies = "Session = ''"; It will just set the cookie to '', as you want.

+1  A: 

If you have javascript enabled you can just use this code snippet to clear to clear the cookies for the site the webbrowser is currently on (I haven't yet found a way to clear session cookies other than this).

webBrowser.Navigate("javascript:void((function(){var a,b,c,e,f;f=0;a=document.cookie.split('; ');for(e=0;e<a.length&&a[e];e++){f++;for(b='.'+location.host;b;b=b.replace(/^(?:%5C.|[^%5C.]+)/,'')){for(c=location.pathname;c;c=c.replace(/.$/,'')){document.cookie=(a[e]+'; domain='+b+'; path='+c+'; expires='+new Date((new Date()).getTime()-1e11).toGMTString());}}}})())")

It's derived from this bookmarklet for clearing cookies.

In addition to this, you can delete the contents of the ``C:\Documents and Settings\username\Cookies'' folder (minus the index.dat, which is usually locked).

As for the cached data, it should be sufficient to just delete all of the files in ``C:\Documents and Settings\username\Local Settings\Temporary Internet Files''.

If you really need to be able to clear the cookies for all sites, you're probably better off using something like the axWebBrowser control in the long run.

Jordan Milne
+2  A: 

To clear session (such as HttpOnly cookies), you can use InternetSetOption() from wininet.dll.

private const int INTERNET_OPTION_END_BROWSER_SESSION = 42;

[DllImport("wininet.dll", SetLastError = true)]
private static extern bool InternetSetOption(IntPtr hInternet, int dwOption, IntPtr lpBuffer, int lpdwBufferLength);

and use this method whenever need to clear session.

InternetSetOption(IntPtr.Zero, INTERNET_OPTION_END_BROWSER_SESSION, IntPtr.Zero, 0);
webBrowser1.Document.Window.Navigate(url);
Jerry
A: 

I tried everything to clear the form data so the next user would not see the previous email address, etc. I ended up doing this to clear the cookies...

string[] theCookies = System.IO.Directory.GetFiles(Environment.GetFolderPath(Environment.SpecialFolder.Cookies));
foreach (string currentFile in theCookies)
{
   try
   {
      System.IO.File.Delete(currentFile);
   }
   catch (Exception ex)
   {
   }
}
Travis