Click here to Skip to main content
14,774,516 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello Guys

I need to use cookieless="useuri" in my web config, this is the only way I think multiple browser tabs have a unique sessions.

however implementing cookieless="useuri" would make the application prone to session hijacking.

Is there a way to prevent session hijacking even i want to use cookieless="useuri"?

Updated 21-Mar-12 17:46pm
[no name] 21-Mar-12 22:33pm
What problem are you trying to solve? What multiple tab session fix?
Mico Perez 21-Mar-12 22:50pm
i just improved my question. :-)

1 solution

You can save client IP in session variables on session start and check on every request if current IP and IP from session are the same. This will provide a bit more security.
Mico Perez 25-Mar-12 22:18pm
How? any sample solution?
vishal_h 8-May-14 4:48am
But if IP address assign dynamicaly then

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900