Getting cookie in url when - cookieless="true"

M

moondaddy

in the webconfig I set:
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="true"
timeout="20"
/>

and then in the browser address bar I get this:

http://localhost/CharmpixV2/(wexkf1ywxjkgdjzjnsrcdeqz)/test1.aspx

Why is this and whats how do I get rid of it. I thought that if
cookeiless=true then there would be no cookie, and when there is a cookie,
its hidden. I must really be missing something here....

Can someone set me straight?
 
S

Somchai U.

If you do not use Cookies, ASP.NET will use URL to store session id. This is
correct. If you do not like ugly URL, you have to use Cookies.

Somchai
 
H

Hans Kesting

moondaddy said:
in the webconfig I set:
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="true"
timeout="20"
/>

and then in the browser address bar I get this:

http://localhost/CharmpixV2/(wexkf1ywxjkgdjzjnsrcdeqz)/test1.aspx

Why is this and whats how do I get rid of it. I thought that if
cookeiless=true then there would be no cookie, and when there is a cookie,
its hidden. I must really be missing something here....

Can someone set me straight?
Click to expand...

if you specify 'mode="off" ', then you will be rid of both cookies and
the ugly url. Of course, you won't have any sessions then, but this might
be just what you want?

For sessions to work you need some sort of session-identifier, either
by cookie or by url.

Hans Kesting
 
S

Steven Cheng[MSFT]

Hi Moondaddy,

I agree with Hans and Somchai, since the each client's Serverside Session
are idenitfied by a SessionID, be default, it is stored via cookie. When we
disabled cookie(use cookieless session state). The ASP.NET will embed the
sessionid among the Url, that's why you see the unexpected value between
the url. It's necessary for maintain the sessionstate between requests.
Here are some further reference on ASP.NET's Session state:

#Underpinnings of the Session State Implementation in ASP.NET
http://msdn.microsoft.com/library/en-us/dnaspp/html/aspnetsessionstate.asp?f
rame=true

#Controlling Session State
http://msdn.microsoft.com/library/en-us/mwsdk/html/mwconcontrollingsessionst
ate.asp?frame=true

Hope also helps. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 
S

Steven Cheng[MSFT]

Hi Moondaddy,

Have you had a chance to check out the suggestions in my last reply or have
you got any further ideas on this issue? If you have anything unclear or if
there're anything else we can help, please feel free to post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Session Timeout 4
SQL Server session state not working unless cookieless=true 1
Session Timeout 4
Timeout on web page is too short, changing web.config seems to have no affect 2
sessionState cookieless and forms cookieless 2
Session restarting for every page 2
sessionState mode="StateServer" 0
Is my security cookie timing out? 0

Members online

Total: 29 (members: 2, guests: 27)
Robots: 186

Forum statistics

Threads
473,773
Messages
2,569,594
Members
45,119
Latest member
IrmaNorcro

Latest Threads

Top