cedrozor / myrtille

A native HTML4 / HTML5 Remote Desktop Protocol and SSH client
https://www.myrtille.io
Apache License 2.0

Refresh tab/page enters (hijacks) another session #296

Open marcusfrenkel opened 3 years ago

marcusfrenkel commented 3 years ago

Using version v2.9.2.

In the 1st browser tab I have a running RDP session to server A.

In the 2nd browser tab I have a running RDP session to server B.

The sessions are opened by URL created with the REST API.

When I enter the address bar of the 2nd browser tab and press F5 (refresh), the page reloads and displays the session from server A instead of server B.

I guess this is not by design?

cedrozor commented 3 years ago

Thanks for your input, indeed this is not by design. After checking, it's a regression in 2.9.2 due to the introduction of the ability to share a session by URL (AllowShareSessionUrl in web.config), directly by copying/pasting the URL from one client to another. Because the HTTP session id can't be used as a unique identifier for a client anymore, I adapted the anti-spoofing mechanism I had set up a long time ago (a ClientKey stored in a cookie) to be used as a client identifier instead of the HTTP session id.

The problem is, all Myrtille tabs share the same domain cookie, thus the same client key. This is the reason for the need for "UseUri" session state in web.config to allow multiple connections/tabs, each tab bound to a distinct HTTP session and remote session.

The solution is to use the concatenation of the HTTP session id and the client key. I will see about fixing this in the next release.

cedrozor commented 3 years ago

Fixed in the upcoming release (2.9.3).
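
The identifier collision described in this thread, as an added example that is not Myrtille's code and not part of the original comments. It is a simplified Python model with hypothetical names and constructed ids, and it assumes the gateway reattaches a refreshed page to the first remote session registered under the client's identifier.

```python
# Simplified model of the client lookup discussed in this thread. It is not
# Myrtille's code: Gateway, client_id and all sample ids are hypothetical.

def client_id(scheme, http_session_id, client_key):
    """Identifier a gateway uses to tell clients apart."""
    if scheme == "session":    # HTTP session id only
        return http_session_id
    if scheme == "cookie":     # ClientKey cookie only (the 2.9.2 regression)
        return client_key
    if scheme == "composite":  # the fix: HTTP session id plus ClientKey
        return (http_session_id, client_key)
    raise ValueError(f"unknown scheme: {scheme}")


class Gateway:
    def __init__(self, scheme):
        self.scheme = scheme
        self.bindings = []  # (client id, remote server), in connection order

    def connect(self, http_session_id, client_key, server):
        cid = client_id(self.scheme, http_session_id, client_key)
        self.bindings.append((cid, server))

    def reload(self, http_session_id, client_key):
        """Page refresh: reattach to the first binding with a matching id."""
        wanted = client_id(self.scheme, http_session_id, client_key)
        return next((srv for cid, srv in self.bindings if cid == wanted), None)

    def distinct_clients(self):
        return len({cid for cid, _ in self.bindings})


def simulate(scheme):
    """Return (server shown after refreshing tab 2, clients the gateway sees)."""
    gw = Gateway(scheme)
    # Constructed sample. Two tabs of one browser: distinct HTTP session ids
    # ("UseUri" session state) but one shared domain cookie, so one ClientKey.
    gw.connect("sid-tab1", "key-browser1", "server A")
    gw.connect("sid-tab2", "key-browser1", "server B")
    # A second browser opens tab 1's shared URL: same HTTP session id, own cookie.
    gw.connect("sid-tab1", "key-browser2", "server A")
    return gw.reload("sid-tab2", "key-browser1"), gw.distinct_clients()


if __name__ == "__main__":
    for scheme in ("session", "cookie", "composite"):
        print(scheme, simulate(scheme))
```

Only the composite identifier both keeps tab 2 on server B after a refresh and counts the three clients separately; each single-value scheme merges two of them.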