Parag Meshram
Parag Meshram

Reputation: 8521

What are cookieless sessions?

In ASP.NET, I'm a bit confused about role of cookies in session state. Whats is the difference between normal session state and cookieless session state?

Upvotes: 14

Views: 25453

Answers (4)

Paul Alan Taylor
Paul Alan Taylor

Reputation: 10680

Normal session state involves providing a cookie. The cookie contains a session identifier which is used by the website to match visitors up with their respective session values.

Cookieless session state uses the same principles, but doesn't use cookies to pass the session identifier around. Normally, this is passed as a parameter on the querystring.

e.g.

http://www.somewebsite.com/page.aspx?sid=jrkwojeqrojq3op349023231234r23rf2

Upvotes: 24

Daniel Vassallo
Daniel Vassallo

Reputation: 344571

ASP.NET is able to modify relative links found within the page and embed the Session ID in the URLs instead of storing it in a cookie.

Thus, as long as the user follows the path of links the site provides, session state can be maintained without using cookies. However, if the end user re-writes the URL, the session state instance will most likely be lost.

Further reading:

Upvotes: 4

Sky Sanders
Sky Sanders

Reputation: 37104

cookieless means that the sessionId is munged into the url for each request as opposed to setting a cookie on the browser.

Upvotes: 1

kgiannakakis
kgiannakakis

Reputation: 104196

The cookie less session doesn't use a cookie is user's browser to store session state. Instead it stores the session either in the page itself or in the url. Read here for a comparison.

Upvotes: 3

Related Questions