Stale Browser Detection


Recommended Posts

A lot of questions on here (one of which has been mine, and has tripped me up a couple of times) are the "wrong csrf_token" in the logs due to browsers being left open over a reboot.  I have a habit of leaving quite a few browsers open here and there and swamping my log.

 

Would a UI update be possible that stores a boot ID/timestamp in the client and periodically polls the server to see if they still match? (I don't know what data is available to the client, but presumably there's something that could identify the current boot without compromising security)

 

Then, if the server has been rebooted, the browser will know by the next ajax call, stop further calls and either...

- reload (not sure it's wise)

- redirect to a message page

- overlay a modal message

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.