Cookies are basically text data which a web site may store of the user's machine.While developing any web site we need cookies to store some data. Cookies are not considered as safe medium to store data as they could be dangerous in some scenario. Also there might be the case that user has cookies turned off on his machine or the browser doesn't supports the cookies. Our application might get failed if it is depended on cookies support on client side. Most of the time session id is stored at client side in cookies. Therefore we won't be able to retrieve session's data in the case when cookies are not enable.
<sessionstate cookieless="true" />
When you have cookieless session then the url may look like this
http://www.dotnetbyraj.blogspot.com/Posts/(_entv9gVODTzHuenph6KAlK07..)/test.aspx
*Note: It is not good to use cookie-less sessions, because of the session-id is visible in the URL, which can be hacked easily.
ASP.NET Cookieless Support
ASP.NET support cookieless execution of the application when the client doens't have cookies support. When to chose cookieless, the session id is transferred via the request url. Each and every request of the application page contains the session id embedded in its url. So the web application need not to request the session from the cookies.
To set Cookieless session in an ASP.NET application set following value in web.config file
<sessionstate cookieless="true" />
When you have cookieless session then the url may look like this
http://www.dotnetbyraj.blogspot.com/Posts/(_entv9gVODTzHuenph6KAlK07..)/test.aspx
*Note: It is not good to use cookie-less sessions, because of the session-id is visible in the URL, which can be hacked easily.
Also a good reason to use HTTPS.
No comments:
Post a Comment