0

I have a site where I store each user's TenantID in a cookie. Today I noticed if I have one user's site on one computer and the other user's site on another computer and refresh them both at the same time one user will get the other's page content. I will try to explain how the site is configured.

In the controller I have a simple function to access the database and get the user's page based on the cookie value which is that user's tenantid.

[OutputCache(Duration = 1)]  //dont cache
public ActionResult GetContent()
{
    string tenantid = GetSiteCookie();
    if (tenantid == "")
        return RedirectToAction("PickSite", "Login");

    DbContext db = new DbContext
    var model = db.Website.FirstOrDefault(x => x.tenantID == tenantid);

    return PartialView("ContentView", model);
}

When a user hits the page I have some javascript that calls my ajax function and then sets the html in a div with an id = pagecontent in my layout page.

$.ajax({
    url: '/WebSite/GetContent',
    type: 'POST',
    contentType: 'application/json',
    success: function (resp) {
        $('#pagecontent').html(resp);
    }
});

Ok so each user has their own computer and own tenantID stored in their browser as a cookie. The page loads the ajax function is called the controller gets the cookie and returns that user's content. This works fine one user at a time. But if I hit refresh on both computers as the same time user1 will get user2's data or vise versa.

In an attempt to fix this I changed my controller function to accept a variable like this GetContent(string randomStringIDontUse = "") and I then pass in a random string which is different for each user from my ajax call. When I do this and hit refresh at the same time they each get their own content no matter how many times I try. So this works but I don't understand why I would need to do this.

I have even tried to save the tenantID as a session variable for each user then calling GetContent but instead of getting the value from the cookie in GetContent I get the tenantID from a session variable but I still can end up with one user seeing another's content.

Any idea what is going on here and why one user would get the other's content when the query is solely based on the cookie from separate browsers on separate computers?

Muhammed Shevil KP
  • 1,404
  • 1
  • 16
  • 21
bhs8227
  • 81
  • 9

2 Answers2

0

If you don't want to cache you should write [OutputCache(Duration = 0)] also you as long as you use $.ajax you should set cache false there too:

    $.ajax({
        cache: false, //note this
        url: '/WebSite/GetContent',
        type: 'POST',
        contentType: 'application/json',
        success: function (resp) {
            $('#pagecontent').html(resp);
        }
    })
teo van kot
  • 12,350
  • 10
  • 38
  • 70
  • I too suspected caching but the issue with setting Duration = 0 is that I was getting an error if I tried to render the view using @{ Html.RenderAction("GetContent", "Website"); } The error would state "Duration must be a positive number". – bhs8227 Mar 09 '17 at 16:44
0

After doing a bit of research on caching I found this article

Prevent Caching in ASP.NET MVC for specific actions using an attribute

Removing the [OutputCache] attribute and creating my own attribute of [NoCache] and placing this on my controller seems to have solved the problem.

I am not 100% sure if it is needed now but I will also add the cache:false to my ajax calls.

Community
  • 1
  • 1
bhs8227
  • 81
  • 9