cookieless

Asp.net forms authentication login loop

How do you solve the infinite login loop problem when you are using cookieless sessions and cannot change the name of login.aspx to a httphandler ? i.e. When a user with admin rights hits the logout button and the return url to a restricted page is passed to login.aspx then another user without admin rights try's to login they get redir...

Cookieless sessions and IIS7 causes a redirect loop

I have an ASP .NET website that uses cookieless sessions. When the initial request is made to the site using a url such as: http://localhost/site IE just displays the standard "Internet Explorer cannot display the webpage" message. Firefox is a bit more helpful and displays the following message: "Redirection limit for this URL exceed...

cookieless session temporary internet files (asp.net)

Hi, background: I work on an asp.net web application that is on a company intranet. cookieless="true" is set in the web.config in the sessions configuration. The application is launched off a page and can run in several different modes (a different link for each mode). It is a business requirement that multiple instances of the applicat...

Remove Cookie Support

My site has the following url format: www.mysite.com/Display.aspx?ID=128 However most users see the url as www.mysite.com/Display.aspx?ID=128&AspxAutoDetectCookieSupport=1 How can I avoid &AspxAutoDetectCookieSupport=1 from appearing in the url. Is it to do something with cookie in web.config, but where? And what would be the implic...

URL Rewriting in .NET behaves badly with cookieless sessions

I'm currently using Intelligencia's URL Rewriter .NET HTTPModule to rewrite URLs. I am using its Custom Transform feature, which allows me to supply an assembly containing a method that performs the actual URL transform. I have cookieless sessions turned on, and this is causing some interference with the URL Rewriter. So, let's sa...

is it possible to set sessionState mode programmatically in.net?

For a c# web site project that serves content for mobile phones i need to use sesion state. Mobile browsing is abit tricky area, you cannot rely on cookies because some networks just removes them or some phones does not support them at all. .net's cookieless sessions perfect solution for me but they come with some cons. For example app ...

Using FCKEditor across domains

I have a site where I'm moving all its components over to a cookieless domain. i.e. my site is example.org.uk and the cookieless domain is examplestatic.me.uk. I am using FCKEditor as a part of this site, but it doesn't load properly when I set the source to examplestatic.me.uk/fckeditor/fckeditor.js. How can I get FCKEditor to work on...

Google bot .net and AspxAutoDetectCookieSupport dilemma

Hi, i have a .net mobile web site where i use sesion state and due to nature of mobile networks/phones (not all supports session cookies) i had to use <sessionState cookieless="AutoDetect"/> It works fine but because each new session redirected with "AspxAutoDetectCookieSupport=1" i have a feeling that google won't like this. Here ...

How to detect session timeouts when using cookieless sessions.

I'm currently working on a ASP.Net 3.5 project and trying to implement session timeout detection. I know how to do it with enabled session cookies, but without i'm totally lost. When session timeout occurs i want to redirect the user to some custom page. Can someone explain me how to do it? My cookie based solution looks like this an...

Difference with regenerateExpiredSessionId="false" and regenerateExpiredSessionId="true" .net

My understanding from http://msdn.microsoft.com/en-us/library/system.web.configuration.sessionstatesection.regenerateexpiredsessionid.aspx meaning of regenerateExpiredSessionId="false" was that if a session id expired it will NOT be re used if client requests an url with same id. And mening of regenerateExpiredSessionId="true" was tha...

How do you set up a cookieless domain on a WHM/Cpanel server?

What's the easiest way to set up a cookieless domain on a WHM/Cpanel server? And please don't answer "Don't set a cookie on your domain then", I want to ensure that even if something on the server tries to set a cookie, it won't work. If this feature is possible anyways... Thank you. ...

Creating cookieless application on development machine with asp.net

I tried posting this on ServerFault with no luck so i am trying here. I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead and buying the domain and setting it up I wanted to test it on my developement machine firs...

Serving CSS from a static domain

I want to serve my css and images from a static cookieless domain. Now my problem is how to point to the images from within my css files. I don't want to program my domain hard within the css file, for example: http://static.com/image.png I would rather have a variable pointing to the the image, so it works for every static domain i u...

How important are cookieless sessions? Should a web application framework provide support for them?

We are programming a new web application framework (Second WAF). I was wondering if we should support cookieless sessions or not. Who use it and who needs it? ...

ASP.Net - What is current best practice for tracking state and session variables?

We're creating a new consumer/public-facing ASP.Net web app. There are two concerns: --Use cookie or cookieless forms authentication? --If we decide not to use cookies at all, how would you store the data that would otherwise be stored in the cookie (Customer ID, AffiliateID, etc.). Does the ASP.Net authentication framework track s...

load testing of "cookieless Session" asp.net

I have been trying using MS VSTS 2008, no luck so far.. After the redirection from server to accomodate the sessionID in URL, the test fails during the first time recording. I am open to looking at other tools which are not very expensive. Does anyone have any experience using any tool for testing cookieless sessionID website? ...

.net site all pages do a 302 redirect with AspxAutoDetectCookieSupport

Hello, First let me say that I did see this article: http://stackoverflow.com/questions/1045283/how-to-remove-aspxautodetectcookiesupport However it seems like it fixes the url issue, but not the 302 AspxAutoDetectCookieSupport issue. I've also read just about every other article on the web about this issue. I could really use some help...

ASP.net Cookieless Session State Expiring Randomly

I am using cookieless sessions & forms authentication. The session is only used to store 1-3 int32 values. Session timeout in the web.config is set to 120mins. Now that the application is receiving more traffic users are reporting the sessions seem to time out closer to 25mins. If the session expires while a user is typing something in...

Java (Tomcat): how to configure a cookieless subdomain to serve static content

One of the tip given by both Google and Yahoo! to speed up webpages loading is to configure a cookieless subdomain to server static content. How do you configure a "cookieless subdomain" using Tomcat in standalone mode (this question is not about how to use Apache to serve static content in a cookieless-way, but about how to do it in To...

Is it possible to serve an ASPX page without it setting a cookie on your browser?

Hi, we're in the process of trying to speed up the performance of our website by serving static content from a cookieless domain. That seems to be going well, but I have a new question: I know that it's "static content" that we're talking about when serving it from a cookieless domain, but we also have static content being served by ASP...