This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 19%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAB%3C/text%3E%3C/svg%3E)
Hello,
I would like my project to log out when closing the browser (Edge) or when closing the Tab that contains it. The program is in ASP.NET with MVC and Framework 4.5.1.
Now I have inserted this script in _Layout.chtml
<script language="Javascript">
window.onbeforeunload = function BClose() {return "Do you really want to close?";};
</script
>
and this instruction in the body of the same view
<body onbeforeunload="BClose()" onclick="clicked=true;">
Unfortunately all of this does not work.
The only result produced is that when I move from one view to another, a message box always appears asking me if I want to exit or not.
I have tried numerous examples but none that act when the browser or tab is closed.
Any suggestions or examples?
Regards
You don't mention how your security works. If you are using standard Cookie authentication or Session then simply do not persist the cookie. The cookie expires when the browser is close.
Cookie are scoped to the browser instance so there is not way to do the same when a tab is closed.
Keep in mind, this is well-known information if you've done any research then you should have come across this fact.
Hi,
I use Microsoft.Owin.Security
The Microsoft.Owin.Security namespace has many extensions and options. If you build a browser based application like MVC or Web Forms then you probably using an authentication cookie. Again, simply do not persist the cookie at creation time. Closing the browser will expire the cookie.
If you are using the standard "Individual Account" that comes with Visual Studio then the code looks like the following.
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
Simply set the isPersistent option to false.
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, false, shouldLockout: false);
Otherwise, please be more specific and show your code to allow us to help you.
Hi, I use this code
var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, false, shouldLockout: false);
this is my LogOff and LogIn
public ActionResult LogOff()
{ AuthenticationManager.SignOut();
Session.Abandon();
Session.Clear();
Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
this.Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1));
this.Response.Cache.SetCacheability(HttpCacheability.NoCache);
this.Response.Cache.SetNoStore();
return RedirectToAction("Index", "Home");
}
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (model == null)
{
return View(model);
}
try
{
var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, false, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
return View("Lockout");
}
}
catch (Exception ex)
{
ModelState.AddModelError("", "Error..");
return View(model);
}
}
}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
there is no browser close event, before unload fires on every page navigation. to use this event to detect navigation away, you code every valid navigation on the page to set a global variable, that the unload event uses to detect valid navigation.
due to abuse, the before unload event has been restricted what can be done during the event. while you can find suggestion to do what you want, they are not foolproof and always have issues.
In other words what can I do ? Have you an example ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 51%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Hi @Anto BAro ,
It would be impossible for a user to quit a page if the JavaScript executed on page unload were blocking. On some browsers, the unload event will fire, but a race condition will occur between your script and cleanup of the page. So, I suggest you could use FormsAuthentication method and set Persistent to False.
Best regards,
Yijing Sun
In other words what can I do ?
Using a Session Cookie (isPersistent = false) is the best you can do.
Modern browser do not allow HTTP requests in the unload event. Any light research should alert you to this fact.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 98%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
@AgaveJoe - your snarky attitude does not help people visiting this site looking for assistance...