Home Library Learn Samples Downloads Support Community Forums
Microsoft Developer Network >
ASP.NET - cookieless=UseCookies - only session id in browser? No client cookies?

Întrebare ASP.NET - cookieless=UseCookies - only session id in browser? No client cookies?

  • 12 aprilie 2012 15:51
     
     
    Sign in pentru a vota
    0

    I'm working on asp.net (4.0) web site. I was trying to use form authentication (). Obviously trying to have some of pages secure. My understanding that best solution for security is to set cookieless="UseCookies" so it not going to write id to URL.

    My question is what exactly happening when I use cookieless="UseCookies".

    1. Is session created and some id stored in Browser(~memory which used later to pull info from IIS server side session "cookie") or it's actually spouse to create "regular" client side encrypted cookie?

    (I'm obviously trying to avoid writing to URL and to client side cookies - not sure if all that could be avoided)

    1. If it sets ID in Browser does all the browsers allow store session ID in it. If it's not allowed by Browser what is going to happened? Is there a way to pre check it?

    So I guess as all of us I'm just trying to build proper secure application if anyone got any other suggestion it will be greatly appreciated.

    Tanks a lot,

    • Mutat de Mark Liu-lxf 17 aprilie 2012 02:17 (From:Visual Basic General)
    •  
     

Toate mesajele

  • 13 aprilie 2012 05:03
     
     
    Sign in pentru a vota
    0

    Hello Woiix

    This forum is for VB Net (and then mainly code and designers but also aspects related to those), including ASP.Net.

    However, your question is maybe for 0,1% related to VB (you made the program probably with VB but the created assembly is then still a .Net assembly)

    So try some better Microsoft forums for your question.

    http://forums.asp.net

    http://forums.IIS.Net

    Success
    Cor

     
© 2013 Microsoft. All rights reserved.