Get me outta here!

Anti-AOL

How to Cancel, Uninstall, or Simply Deal With AOL

Menu

Skip to content
  • Home

Questions for web developers who code sites to work for AOL users visiting from AOL proxies…

December 28, 2009 by anti_aol

One of my readers, koshinbay13, has a few questions about coding a website to work for AOL users. After reading about AOL’s caching proxy servers, he’s looking for PHP code to prevent an AOL user’s cookies from getting passed to the next AOL users who show up on his site.

I can’t answer his PHP questions, but I’ve posted a response below to answer the rest of his questions as best as I can. Best answer from any of *you* gets posted to my “how-to” section as a permanent post with your name and website credited if you like.

In the meantime, I’d like anyone and everyone (especially if you’re a web dev! or if you work for AOL and have in-depth knowledge of proxy caching) to just throw in your two cents.

A few questions about caching on AOL…

Let us assume that Jeff, Sally, Bob, and Mary are all AOL users…(Firefox, IE, and Google Chrome browsers do not have this problem…at least when not AOL members.) Each of the four visit at random times and with varied number of pageviews per day. Sometimes, they are even on at the same time.

First, if any of them get internet through AOL as their ISP, the browser is forced into using the proxy settings no matter what options the browser thinks are set since AOL is the pipeline for all the data it will receive. Is there anyway around that?

Let’s say Jeff logs in first. A session is created in PHP using the standard automated session_start() function call before any output is sent. Since several HTTP requests are made to create the page, does AOL’s IP address switching through proxy cause separate sessions to be created. or lost? Does anyone know if the IP address itself is part of the session_start() “recipe” to generate the PHP session ID?

Assuming Jeff is successful at logging in in the first place and the session retains the ID it started with including session variables, and cookies are enabled on both my server and the Jeff’s browser, where are the cookies stored? Jeff’s PC, or globally on the AOL Proxy Server? I guess from your article and the other it is the proxy server…which is bad news for me…and “Jeff”. Are the PHP global session variables retained at all (based on the session ID status I suppose)?

Now, Jeff either leaves or stays on doing his business or reading the latest articles. Mary jumps on line (also using AOL) and goes to her pages (or tries to log in). Is she going to be logged in as Jeff because cookies are stored via proxy and not on their individual PC’s. If Jeff is still on and has a session started, does Mary automatically become part of his session? Would this then cause Jeff to become Mary as soon as she logs in? Would their attempts to log in be like a tug of war as they each cover the session and/or cookie values a few seconds after each other?

Sally logs in later…maybe. Will she also be logged in back and forth as herself, Jeff, and Mary? Does Bob inherit the same issue when he logs in even if Jeff has logged out? If Bob logs in and no one else is in at the same time to “interfere” with the session and cookie settings, will Jeff then see Bob’s info the next day when he logs in because Bob was the last value the session or cookie had? Since AOL is supposed to kill the session after they log out (of AOL, not my site), the session is likely destroyed. However, the cookie is still “in the jar” and fresh so that each user can be remembered when they return. Does AOL flush cookies automatically like the cache? And if cookies are stored on the Proxy Server, how does AOL know which user has which cookie? If it is on the proxy server(s), does this mean that my site can only store 30 cookies for all X users at one time?

My search revealed very little solutions to the problem, but was able to fine code to search if the user is browsing with AOL and sending a header to prevent caching. In my code, I plan to use this:

if(strpos($_SERVER['HTTP_USER_AGENT'], 'AOL') !== false )
{
header("Cache-Control: no-store, private, must-revalidate,

proxy-revalidate, post-check=0,
pre-check=0, max-age=0, s-maxage=0");
}

I see how it should affect the caching of the page, but I do not think it changes cookies at all, or affects the session issues (if they exist).

Is there a way around this that will allow AOL users to keep their own cookies and retain session data while using a site? Or did they simply continue to plug their ears and close their eyes.

I realize this is a long post, but I wanted enough info to establish the problem and the right questions. Since Cookie use is somewhat subjective to the browser implementation (an understatement no doubt), has anyone found a solution to make it work correctly? Am I doing something wrong (for AOL) or mistaken?

OK, everyone, your turn….any thoughts?

aol software reader's questions reader-submitted content aol sites & servicesaol sites & services: caching proxyreader's questionsreader-submitted content

Post navigation

← How do I remove the AOL Dialer?
How to Cancel Your Free or Paid AOL Account With AOL’s Online Cancel Form – Updated 1-18-2016 →

How to contact the BBB to get your complaint resolved with AOL

Some former AOL subscribers who read my blog have collectively gotten almost $3,000 back in overcharges from AOL.  Find out how!

Sometimes you've done it all - tried  to cancel, to get your money back, even written or  called whomever - but no matter what you try, it's not working. Maybe it's time to file a formal complaint. The BBB has been  very helpful for many in resolving complaints against AOL.

--> Here's my post on how to contact the BBB and get your complaint resolved with AOL! <--

Categories

  • aol acquired by verizon
  • aol data leak
  • aol fraud/cancellation settlements
  • aol free proxy
  • aol free trial cds
  • aol hides cancel page
  • aol hit list
  • aol news – misc.
  • aol removal guides
  • aol removers
  • aol software
  • aol software/services unsafe
  • faqs for quitting/removing aol
  • first post
  • hacking aol
  • how to file complaint on aol
  • how to: use aol email anonymously
  • how-to
  • how-to: cancel aol
  • how-to: contact aol
    • aol fraud dept phone number
  • how-to: find aol classic page
  • how-to: manage aol email
  • how-to: remove aim
  • how-to: remove aol
  • how-to: switch to firefox
  • just cancel the account
  • layoffs at aol
  • myths about aol
  • reader's questions
  • reader-submitted content
  • reviews
  • site news
  • top 5 lists

Archives

  • December 2015
  • June 2015
  • May 2015
  • August 2012
  • March 2012
  • August 2011
  • June 2011
  • January 2011
  • November 2010
  • October 2010
  • September 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • July 2008
  • June 2008
  • May 2008
  • March 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • December 2005

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 18 other followers

Blog Stats

  • 222,184 views

Member of The Internet Defense League

WordPress.com.