ASP.NET Cookie and Cookieless
来源:互联网 发布:java远程读取linux文件 编辑:程序博客网 时间:2024/04/28 02:25
http://weblogs.asp.net/paulomorgado/archive/2008/08/01/iis-asp-net-cookieless-support-not-working-as-expected.aspx
IIS/ASP.NET Cookieless Support Not Working As Expected
In one of the environments I work, cookies cannot be used because the pages run inside web browser controls running on a client application and cookies end up being shared by all browsers.
Fortunately, ASP.NET allows us to persist some cookies as part of the URL.
To persist the session state identifier cookie in the URL we just need to add the following configuration:
and you’ll get URLs like this:
http://localhost/Cookieless/(S(jcmwek3ja0lvdpbwoacpjirv))/default.aspx
The way IIS and ASP.NET do this is by IIS removing the section between parenthesis after the virtual directory path and adding the AspFilterSessionId HTTP header to the request. Than, ASP.NET picks it up and extracts the cookie.
I wrote this simple page to demonstrate this working:
For the above URL, we'll get a page like this:
Raw URL/Cookieless/default.aspxCookiless Cookies
AspFilterSessionId Request HTTP HeaderS(jcmwek3ja0lvdpbwoacpjirv)Session IDjcmwek3ja0lvdpbwoacpjirv
IIS strips these cookies even for serving static content like cascading stylesheets.
You can test this by creating a default theme. You can do this by adding a Default folder under the App_Themes folder and adding a Styles.css file to it:
and setting the theme as default using the following configuration:
<configuration>
<system.web>
<sessionState cookieless="UseUri" />
<pages theme="Default"/>
</system.web>
</configuration>
And you'll get a "pretier" page:
Raw URL/Cookieless/default.aspxCookiless Cookies
AspFilterSessionId Request HTTP HeaderS(jcmwek3ja0lvdpbwoacpjirv)Session IDjcmwek3ja0lvdpbwoacpjirv
If you have special needs for your session state identifiers, you can implement your own session identifier manager.
But if you want to use cookieless cookies, you only have one way to do it: extend the SessionIDManager class:
and configure the session state module to use it:
And we'll end up with this nice page:
http://localhost/Cookieless/(S(%7b0861e55a-e29b-4b6f-825b-1e1d4c57f095%7d))/default.aspx
Raw URL/Cookieless/(S({0861e55a-e29b-4b6f-825b-1e1d4c57f095}))/default.aspxCookiless Cookies
AspFilterSessionId Request HTTP Header Session ID{0861e55a-e29b-4b6f-825b-1e1d4c57f095}
OOPS! What happened here?
Looks like IIS was unable to transfer the cookies to the appropriate HTTP header but ASP.NET was able to find the requested resource. On the other hand, IIS couldn’t find the http://localhost/Cookieless/(S(%7b0861e55a-e29b-4b6f-825b-1e1d4c57f095%7d))App_Themes/Default/Styles.css.
This happens in these environments:
Fortunately, in IIS 7 you can have HTTP modules in integrated pipeline mode that are called for every resource requested to IIS.
Your module doesn’t even need to do nothing. It just needs to exist:
and be added to the configuration:
And our “pretty” page is back:
Raw URL/Cookieless/default.aspxCookiless Cookies
AspFilterSessionId Request HTTP HeaderS({0861e55a-e29b-4b6f-825b-1e1d4c57f095})Session ID{0861e55a-e29b-4b6f-825b-1e1d4c57f095}
Is it just me, or there’s something definitely wrong here?
That’s why I opened this bug on Microsoft Connect
- ASP.NET Cookie and Cookieless
- asp.net 2.0 下的表单验证Cookieless属性
- asp.net 2.0 下的表单验证Cookieless属性
- asp.net 2.0 下的表单验证Cookieless属性
- asp.net 2.0 下的表单验证Cookieless属性
- ASP.NET中FORM验证中的cookieless属性
- Session, Cookie, Web.config中的cookieless总结
- Session, Cookie, Web.config中的cookieless总结
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie .
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- asp.net,cookie,写cookie,取cookie
- 使用 JFreeChart来创建基于web的图表
- Javascript 语法讲解
- 编程学习中
- 初学C语言必须掌握的基础小程序
- MFC的程序执行顺序详解
- ASP.NET Cookie and Cookieless
- ECom: 接口的完成
- .net下的初、中、高级问题
- 未
- Web 设计与开发终极资源大全(上)
- 线程安全
- InstallShield12豪华版破解版下载|InstallShield下载|软件打包工具
- 串口通信的基本概念
- ECom Step by Step(转)