What-a-Tool wrote on 22 feb 2005 in
microsoft.public.inetserver.asp.general:
I am using a couple of session variables in my site. From what I can
figure out, session information is stored on the users computer in a
cookie -
No.
Session variables are stored on the server.
The server has to know whart session it is serving,
so only one cookie, the session-id cookie is stored on the client
browser.
If the user has cookies disabled, do session variables still work -
If ALL cookies are disabled the server cannot know the session,
so the server treats every page as a new session,
so session variables do not persist till the next page.
Session variables work on the same page, but are not useful
as a simple asp variable suffices
just without the option of setting the Timeout property, as I'm
assuming?
No, the session-id cookie has no timeout.
It is a "ram"-cooke that is not stored on the HD.
IE can be set only to allow session-cookies,
as it means those "ram"-cookies.
Session variables do not time-out, but the session does,
and then that session's session variables are no more.
--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)