Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to differ sessions in browser-tabs?

People also ask

How do browser tabs differ sessions in PHP?

To distinguish between tabs you just have to check $_COOKIE['tab_id'] on the server and store sessions values appropriately.

Are different tabs different sessions?

Per default, there is no way to have different sessions in the same browser window. The sessions are always shared trough all tabs. If two different Sessions are enough, you could use a privat/incognito browser window. A other solution could be to use HTML 5 SessionStorage for your variables.

Do browser tabs Share sessions?

By default all browsers share session state between multiple tabs. So if you logged into one tab with particular site and open internal link of the same site in new tab, you need not to worry to login again. It will automatically declare you as logged in user. For example, if I open google and login to google.com.


You can use HTML5 SessionStorage (window.sessionStorage). You will generate a random id and save in session Storage per Browser Tab. Then each browser tab has his own Id.

Data stored using sessionStorage do not persist across browser tabs, even if two tabs both contain webpages from the same domain origin. In other words, data inside sessionStorage is confined to not just the domain and directory of the invoking page, but the browser tab in which the page is contained in. Contrast that to session cookies, which do persist data from tab to tab.


You have to realize that server-side sessions are an artificial add-on to HTTP. Since HTTP is stateless, the server needs to somehow recognize that a request belongs to a particular user it knows and has a session for. There are 2 ways to do this:

  • Cookies. The cleaner and more popular method, but it means that all browser tabs and windows by one user share the session - IMO this is in fact desirable, and I would be very annoyed at a site that made me login for each new tab, since I use tabs very intensively
  • URL rewriting. Any URL on the site has a session ID appended to it. This is more work (you have to do something everywhere you have a site-internal link), but makes it possible to have separate sessions in different tabs, though tabs opened through link will still share the session. It also means the user always has to log in when he comes to your site.

What are you trying to do anyway? Why would you want tabs to have separate sessions? Maybe there's a way to achieve your goal without using sessions at all?

Edit: For testing, other solutions can be found (such as running several browser instances on separate VMs). If one user needs to act in different roles at the same time, then the "role" concept should be handled in the app so that one login can have several roles. You'll have to decide whether this, using URL rewriting, or just living with the current situation is more acceptable, because it's simply not possible to handle browser tabs separately with cookie-based sessions.


The window.name Javascript property, is the only thing that will persist across tab activity, but can remain independent (instead of URL guff).


You shouldn't. If you want to do such a thing either you need to force user to use a single instance of your application by writing URLs on the fly use a sessionID alike (not sessionid it won't work) id and pass it in every URL.

I don't know why you need it but unless you need make a totally unusable application don't do it.