What is a 'split session'?

A split session occurs can occur when there are conflicting policies between dependent sites, i.e., when a site that is currently in isolation requests information from a non-isolated site or vice versa.  This happens because cookies that are set by isolated sites are stored in one of Menlo's Disposable Virtual Containers, but cookies set by non-isolated sites are stored in the browser on a user's local machine.

What are the possible symptoms of a split session (i.e., conflicting policies)?

  • Cookie errors are displayed
  • The connection appears to loop
  • A white screen or blank page is displayed in the browser 
  • The browser screen locks
  • HTTP-403 Forbidden Error
  • SSO Login fails



How can I prevent split sessions/conflicting policy scenarios?

  • If appropriate, change the configuration so that all the interdependent sites have the same isolation policy (e.g., the originating and referenced sites are both Allowed). 
  • Consider switching on the  direct_on_allow feature. This will assist with situations where the user is going from an Isolated site to an Allowed site but not from an Allowed to an Isolated site. This feature is enabled by default for newer tenants, but you may need to request it for older tenants. Please contact Customer Success for further information on this feature.