Is there any way to check that my page is not opened in another tab or window in IE? Say I have Page1 and user hits "new window", which will open a new window with the same page opened. So now there are two instances of the page. I want to restrict the browser to only have one instance of the page opened at any given time.
One of the requirements is that users must be able to refresh the page and still be in the same state inside the application. So one-time tokens are not suitable.
Not sure that there is any way to distinguish between a page refresh and a new window opened, that's why I'm asking.
P.S. This is not for a normal website, and I understand that doing this usually would be intrusive and evil. There is a strong case to do this here, as it is a massive web application.
The only way I can think of is for each page to create a cookie identifying the page and its access-time, with an expiry time of only a few seconds or minutes (adjust to taste), and on-load of your site (or page-load) checking whether that cookie exists.
Pseudo-code:
Possibly you could use some form of session id, based on something non-unique. Perhaps with the user's IP address, user-name and salt? The downside of using the IP address alone is all users behind a router share that same address, the benefit of coupling it with username is that it's at least unique per-user and the salt is used for basic security (it might not be all that important to you, but it still seems like good practice), and prevents a user being locked out because they've 'got another window open' somewhere.
As above, check if the session id exists, and, if not, then create it.
As noted by @Spender, in the comments to your question and to another answer, any solution that implements this has at least the one problem of people not being allowed to refresh the page. Which a short cookie-time at least mitigates for, but not in a way that doesn't stop users being likely irritated.
Edited:
To deal with the need for page-refresh, I guess you could use the onUnload (or jQuery's .unload) to destroy the cookie, so that it's removed for the user leaving/refreshing the page. The js that runs onUnload could be used to remove the session variable too, by Ajax, or just the cookie on the client-side.
Easy way to do it is to use windowName: assign it something unique and check it when the link is clicked to make sure that it hasn't been opened already.
This guy explains it really well - http://www.joemarini.com/tutorials/tutorialpages/window1.php
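The short-lived cookie from the first answer and the window name from the answer above can be combined into one check that lets a refresh through but refuses a second window. This is an added example, not code from any of the posts; it assumes the browser keeps window.name across a reload and starts a new window with an empty one, and LOCK_KEY, LOCK_TTL_MS, readLock, claimTab, releaseTab and memoryStore are hypothetical names (pass your own newId where crypto.randomUUID is unavailable).

```javascript
// Stand-ins: `win` is any object with a `name` property (window in a browser);
// `store` has getItem/setItem/removeItem (localStorage, or a cookie wrapper).
const LOCK_KEY = "singleTabLock"; // hypothetical key name
const LOCK_TTL_MS = 10000;        // short expiry, as in the cookie answer

function readLock(store) {
  try {
    const lock = JSON.parse(store.getItem(LOCK_KEY));
    const ok = lock && typeof lock.owner === "string" && typeof lock.expires === "number";
    return ok ? lock : null;
  } catch (e) {
    return null; // corrupt or hand-edited value: treat as no lock
  }
}

function claimTab(win, store, now, newId = () => crypto.randomUUID()) {
  // Assumption: a reload keeps window.name, a newly opened window has none.
  if (!win.name) win.name = "tab-" + newId();
  const lock = readLock(store);
  if (lock && lock.expires > now && lock.owner !== win.name) {
    return { allowed: false, tabId: win.name }; // another live tab holds it
  }
  // No lock, expired lock, or our own lock (refresh): take or renew it.
  store.setItem(LOCK_KEY, JSON.stringify({ owner: win.name, expires: now + LOCK_TTL_MS }));
  return { allowed: true, tabId: win.name };
}

// Call from the unload handler so leaving the page frees the lock at once.
function releaseTab(win, store) {
  const lock = readLock(store);
  if (lock && lock.owner === win.name) store.removeItem(LOCK_KEY);
}

// In-memory store with localStorage's method names (constructed for this example).
function memoryStore() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
  };
}
```

The owning tab has to call claimTab again on a timer shorter than LOCK_TTL_MS to keep the lock alive. All of this state lives in the browser and can be edited by the user, so anything that must hold has to be enforced on the server as well.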
The best way to implement this is by having a server side token (many banks do this) that is regenerated at each request and must be passed back for the pages to function.
So basically: