ASP.NET 2.0 Cookieless Session problems

5 Comments

• Hi Chris,
  
  
  
  If you want to send me email (scottgu@microsoft.com) I can have someone take a look.
  
  
  
  Note that cookieless sessions and cookieless forms authentication are two different things, that are configured separately. Having cookieless sessions is very different from having cookieless authentication -- so you should make sure both are configured.
  
  
  
  Hope this helps,
  
  
  
  Scott
  

• Thanks Scott!
  

• I have a similar problem with Cookieless sessions (UseUri). ASP.Net sometimes creates a new session on subsequent requests rather than connecting to the old session.
  
  It only seems to happen when I send back XML using Response.Write(doc.InnerXml).
  
  Response.Write(doc.InnerText) is OK.
  
  Anyone else had this?
  

• I've discovered that menus don't work with them because the hyperlinks in the menus don't transmit the information munged into the url. But i'd like to use a menu too
  

• I know this is an old post, but I am using ASP.NET 2.0 with forms auth with the attribute of cookieless="AutoDetect". The issue I am having is that the session ID is changed between postbacks within the application and not maintained at all, even after I have disabled cookies in my browser. The server is still issuing a Response.Cookie for the Session ID as well as placing a hash into the url such as /x(1)f(kldjf)/. I have also enabled the cookies on my browser (IE) with the same behavior. I have tested the same with Firefox and did not have the issues with cookies enabled. With cookies enabled in FireFox, there were no added strings to the url and session was maintained via the session cookie. However when I disabled cookies in FireFox, I still experienced the session state loss, similar to IE6 and IE7.