Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Támogatás keresése

Kerülje el a támogatási csalásokat. Sosem kérjük arra, hogy hívjon fel egy telefonszámot vagy osszon meg személyes információkat. Jelentse a gyanús tevékenységeket a „Visszaélés bejelentése” lehetőséggel.

Learn More

A témacsoportot lezárták és archiválták. Tegyen fel új kérdést, ha segítségre van szüksége.

Firefox is prematurely deleting asp.net session cookies before their expiration time.

  • 4 válasz
  • 1 embernek van ilyen problémája
  • 1 megtekintés
  • Utolsó üzenet ettől: Kirk9

Kirk9
Kirk9
more options

I create an Asp.Net Session Coookie using Microsoft's owin Identity 2.0 on my website, and it has an expiration of 7 days. This works perfectly for IE, Chrome, and Safari.

However Firefox seemingly randomly deletes this cookie before the expiration date/time. My test pattern is like this: Sign in to my website. The cookie is there and I'm authenticated. Close Firefox, and re-open, then re-navigate to my website. I'm automatically signed in, just like I should be. Now Close Firefox and wait between 30mins - 24hours.

Now I Re-open Firefox, navigate to my website, and then one of two things happens. Generally, I'm signed out and have to re-sign in (the cookie is gone). However about 30% of time, I'll be logged in automatically. If I close firefox and re-open immediately, I'll be signed out. This time period varies by as much as 24 hours, and this happens across multiple (20+) Windows 7 computers.

Sometimes I'm signed back in and everything works fine, but this is rare, and usually less than an hour.

I'm using version 37 and 38 for testing (most testing has been done on: 38.0.5 Build ID 20150525141253).

I have Firefox set to Accept Cookies, not to delete cookies on close. I've tried adding my domain to the "allow" exceptions list. I've scoured forums and stack-overflow with no luck. I'm stumped and my client is unhappy. Any thoughts?

I create an Asp.Net Session Coookie using Microsoft's owin Identity 2.0 on my website, and it has an expiration of 7 days. This works perfectly for IE, Chrome, and Safari. However Firefox seemingly randomly deletes this cookie before the expiration date/time. My test pattern is like this: Sign in to my website. The cookie is there and I'm authenticated. Close Firefox, and re-open, then re-navigate to my website. I'm automatically signed in, just like I should be. Now Close Firefox and wait between 30mins - 24hours. Now I Re-open Firefox, navigate to my website, and then one of two things happens. Generally, I'm signed out and have to re-sign in (the cookie is gone). However about 30% of time, I'll be logged in automatically. If I close firefox and re-open immediately, I'll be signed out. This time period varies by as much as 24 hours, and this happens across multiple (20+) Windows 7 computers. Sometimes I'm signed back in and everything works fine, but this is rare, and usually less than an hour. I'm using version 37 and 38 for testing (most testing has been done on: 38.0.5 Build ID 20150525141253). I have Firefox set to Accept Cookies, not to delete cookies on close. I've tried adding my domain to the "allow" exceptions list. I've scoured forums and stack-overflow with no luck. I'm stumped and my client is unhappy. Any thoughts?

Kiválasztott megoldás

It turns out that Firefox was the only browser behaving correctly. I finally traced the bug to an error in how MS Identity 2.0 was handling the "remember me" cookie. The cookie was getting overwritten on successful login, but only after the session had expired on IIS.

The bug is supposed to be fixed in MS Identity 2.2.1 alpha. as per:

https://aspnetidentity.codeplex.com/workitem/2319

Válasz olvasása eredeti szövegkörnyezetben 👍 0

Összes válasz (4)

guigs
guigs
more options

It simply means that the runtime of the application has expired. See: http://blogs.msdn.com/b/david.wang/ar.../why-do-i-lose-asp-session-state-on-iis6.aspx

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

When you are starting Firefox, before going to the site, could you check whether the session cookie is still set? There are many ways to access the Cookies dialog, including:

  • Paste chrome://browser/content/preferences/cookies.xul into the address bar and press Enter (I suggest bookmarking this if you plan to use it often)
  • Options > Privacy > [Firefox will: Use custom settings for history] > "Show Cookies" button
  • Type or paste about:permissions in the address bar and press Enter

Each of those has a search box to filter the list so you can get to your site quickly.

Kirk9
Kirk9 Kérdés tulajdonosa
more options

guigs2 said

It simply means that the runtime of the application has expired. See: http://blogs.msdn.com/b/david.wang/ar.../why-do-i-lose-asp-session-state-on-iis6.aspx

Thanks for your response guigs2. This doesn't seem to be the issue. I've just forced the app-pool to recycle, and even restarted IIS. My session was maintained across both events in all browsers. (I used a fresh login on Firefox to ensure I'd not run into any time-out issues).

For what it's worth, I'm using IIS8.

Thanks for your suggestion!

Kirk9
Kirk9 Kérdés tulajdonosa
more options

Kiválasztott megoldás

It turns out that Firefox was the only browser behaving correctly. I finally traced the bug to an error in how MS Identity 2.0 was handling the "remember me" cookie. The cookie was getting overwritten on successful login, but only after the session had expired on IIS.

The bug is supposed to be fixed in MS Identity 2.2.1 alpha. as per:

https://aspnetidentity.codeplex.com/workitem/2319