On my session.Open() event I check to see if they’re session is secure or not and then reroute them.
if not Session.Secure and not DebugBuild then
dim params() as String
for i as Integer = 0 to Session.URLParameterCount - 1
dim pName as string = Session.URLParameterName(i)
params.Append(EncodeURLComponent(pName)+"="+EncodeURLComponent(Session.URLParameter(pName)))
next
Dim url As String = "https://" + hostname + "/"
if params.Ubound > -1 then url = url + "?" + join(params,"&")
if HashTag <> "" then url = url + "#"+HashTag
ShowURL(url)
end
I’m not sure if I should “return” after the ShowURL.
I have additional logic initializes session variables.
When I redirect them does it create a new session where I need to pass over the parameters and hash tag.
Or should I not return and still do this initial setup and it will continue through to the HTTPS redirect.
It appears doing this causes the web app to appear to go offline for a second before navigating them to the secured site. Is there a way to avoid this?
Does PrepareSession() happen after the Open event or before? Would this be a better location for this?
I wouldn’t call Session.Quit. You can probably let the unsecured sessions die on their own. If it becomes a problem, put weakrefs to them in an array and use a timer to call quit in 30 seconds or so.
Will the self.Timeout work for getting uneeded session to expire quicker?[/quote]
No, and it may make it take even longer. Session.TimeOut sets up a timer on the browser side so you can warn users about inactivity.