Reputation: 103
Set Sessionstate cookieless="true" in asp .Net, is the sessions state maintained?
How can the session state be maintained in asp.Net, if the cookies are turned off in browser or cookieless="true" is added within sessionmode tags in web.config?
The following tag shows cookieless="true" in web.config.
<sessionState mode="InProc"
cookieless="true"
timeout="30"/>
Upvotes: 9
Views: 19087
Answers (2)
Reputation: 7462
Answer is yes, it will still maintain session via URL. It will attach unique identifier for session to URL, that unique identifier is stored in cookie for cookieless = false.
URL will look like this - http://yourserver/folder/(session ID here)/default.aspx
Live example -
http://localhost:2677/WebSite1/(S(3abhbgwjg33aqrt3uat2kh4d))/cookielesssessiondetection.aspx
Here 3abhbgwjg33aqrt3uat2kh4d is session id.
Upvotes: 2
Reputation: 21795
ASP.NET framework inserts a unique id to the URL, you can check this by disabling the cookie or by setting the cookieless attribute to true as you did.
According to MSDN:-
By default, the SessionID value is stored in a non-expiring session cookie in the browser.
If you specify cookieless="true" then:
ASP.NET maintains cookieless session state by automatically inserting a unique session ID into the page's URL.
Upvotes: 8
Related Questions
- Do session use cookies?
- How does ASP.Net Cookieless work ?
- Cookies and session state in asp.net
- Does ASP.NET Session state work without cookies?
- Switch dynamically to cookieless session state asp.net?
- Cookieless sessions in asp.net
- cookies and the session state object
- Can i still store value in session if in browser cookie is disabled?
- Do session use cookies in ASP.NET?
- if cookies are disabled, does asp.net store the cookie as a session cookie instead or not?