};
-// Incredible that the standard JavaScript runtime doesn't define a
-// unique windowId. Instead, we have to make one up. And since there's
-// no global area shared between windows, the best we can do for
-// ensuring uniqueness is generating a random ID and crossing our
-// fingers. We stash this in window.name, as it's the only place to
-// keep data that is preserved across reloads and within-site
-// navigation. pz2.js picks this up and uses it as part of the
-// cookie-name, to ensure each tab gets its own session.
+// We put a session ID in window.name, as it's the only place to keep
+// data that is preserved across reloads and within-site navigation.
+// pz2.js picks this up and uses it as part of the cookie-name, to
+// ensure we get a new session when we need one.
+//
+// We want to use different sessions for different windows/tabs (so
+// they don't receive each other's messages), different hosts and
+// different paths on a host (since in general these will
+// authenticate as different libraries). So the window name needs to
+// include a session identifier, the hostname and the path from the
+// URL.
+//
if (window.name) {
mkws.log("Using existing window.name '" + window.name + "'");
} else {
+ // Incredible that the standard JavaScript runtime doesn't define a
+ // unique windowId. Instead, we have to make one up. And since there's
+ // no global area shared between windows, the best we can do for
+ // ensuring uniqueness is generating a random ID and crossing our
+ // fingers.
+ //
// Ten chars from 26 alpha-numerics = 36^10 = 3.65e15 combinations.
// At one per second, it will take 116 million years to duplicate a session
- window.name = Math.random().toString(36).slice(2, 12);
+ var session = Math.random().toString(36).slice(2, 12);
+ window.name = window.location.hostname + window.location.pathname + '/' + session;
mkws.log("Generated new window.name '" + window.name + "'");
}