views:

39

answers:

1

I am a bit baffled here; using IE7, ASP.NET 2.0 and Cassini (the VS built-in web server; although the same thing seems to be true for "real" applications deployed in IIS) I am looking for the session-id-cookie.

My test page shows a session id (by printing out Session.SessionId) and Response.Cookies.Keys contains ASP.NET_SessionId. So far so good.

But I cannot find the cookie in IEs cookie-store! Nor does "remove all cookies" reset the session (as it does in FF)... So where - I am tempted to write that four letter word - does IE store that bloody cookie? Or am I missing something? By the way there is no hidden field with a session id either, as far as I can see.

If I check in FF there is a cookie called ASP.NET_SessionId as I would expect. And as mentioned above deleting that cookie does start a new session; as I would expect.

Can anybody imagine what is happening here?

A: 

The ASP.NET session cookie is non-persistent, so it doesn't get saved to your hard-drive. It gets transmitted back and forth while you're using the application, but it gets discarded when you close the broswer.

From MSDN:

Note

When you run this code, you might see a cookie named ASP.NET_SessionId. That is a cookie that ASP.NET uses to store a unique identifier for your session. The session cookie is not persisted on your hard disk. For more about session cookies, see the "Cookies and Session State" later in this topic.

Nate Dudek
Thanks for opening my eyes... I did read that note as well but obviously did not understand what it meant at that time :( Still I do not understand why IE thinks it could possibly be desired that it keeps sending some cookies after the user explicitly purged all cookies... But that is - well - IE.
scherand