Does cookieless session state (with the sessionid embedded into the url)
interfere with the browser's retrieval of cached images from one session to
the next? Does the sessionid embedded into the url effectively limit
client-side image caching to the lifetime of the session?
Thanks
Jake
4  2693 
depends. if the image url include the session id, then they only be cached
for the session. if your image urls are not munged then they are cached.
normally images are not mapped to asp.net, so the cookie munger will not see
them.
-- bruce (sqlwork.com)
"Jake" <Ja**@spamspams pam.org> wrote in message
news:eC******** *****@TK2MSFTNG P14.phx.gbl... Does cookieless session state (with the sessionid embedded into the url)
interfere with the browser's retrieval of cached images from one session
to
the next? Does the sessionid embedded into the url effectively limit
client-side image caching to the lifetime of the session?
Thanks
Jake
Thanks for the clarification, Bruce. The image urls in the HTML are
relative:
<img src="images/cars/mini.gif">
But the url of the page is munged. I take it that the browser knows how to
ignore the sessionid in the addressbar and can figure out from the HTTP
header that the image above resides at: www.somedomain.com/images/cars/mini.gif
even if the url of the page on which the image appears contains the
sessionid? http://www.somedomain.com/(54gfb5zbn.../somepage.aspx
When I look at the image properties in IE, the url lacks the session id.
However, according to PageInfo in Firefox (media tab), the url of the image
contains the sessionid.
Are there any sniffers that would show me whether images are being
downloaded or retrieved from local browser cache?
Regards
Jake
"Bruce Barker" <br************ ******@safeco.c om> wrote in message
news:#g******** *****@TK2MSFTNG P14.phx.gbl... depends. if the image url include the session id, then they only be cached
for the session. if your image urls are not munged then they are cached.
normally images are not mapped to asp.net, so the cookie munger will not
see them.
-- bruce (sqlwork.com)
"Jake" <Ja**@spamspams pam.org> wrote in message
news:eC******** *****@TK2MSFTNG P14.phx.gbl... Does cookieless session state (with the sessionid embedded into the url)
interfere with the browser's retrieval of cached images from one session
to
the next? Does the sessionid embedded into the url effectively limit
client-side image caching to the lifetime of the session?
Thanks
Jake
A followup. When I check my Temporary Internet Files folder, the same image
is being cached many many times, and the only difference among the urls is
the sessionid. So it would appear that while images are being cached, the
benefit of the caching extends only for the duration of the session. Next
time I visit the website, I must download a new copy of the image because
there will be a new sessionid in the url and the browser won't find the
image in its cache folder.
Jake
"Jake" <Ja**@spamspams pam.org> wrote in message
news:#q******** ******@tk2msftn gp13.phx.gbl... Thanks for the clarification, Bruce. The image urls in the HTML are
relative:
<img src="images/cars/mini.gif">
But the url of the page is munged. I take it that the browser knows how
to ignore the sessionid in the addressbar and can figure out from the HTTP
header that the image above resides at:
www.somedomain.com/images/cars/mini.gif
even if the url of the page on which the image appears contains the
sessionid?
http://www.somedomain.com/(54gfb5zbn.../somepage.aspx
When I look at the image properties in IE, the url lacks the session id.
However, according to PageInfo in Firefox (media tab), the url of the
image contains the sessionid.
Are there any sniffers that would show me whether images are being
downloaded or retrieved from local browser cache?
Regards
Jake
"Bruce Barker" <br************ ******@safeco.c om> wrote in message
news:#g******** *****@TK2MSFTNG P14.phx.gbl... depends. if the image url include the session id, then they only be
cached for the session. if your image urls are not munged then they are cached.
normally images are not mapped to asp.net, so the cookie munger will not
see them.
-- bruce (sqlwork.com)
"Jake" <Ja**@spamspams pam.org> wrote in message
news:eC******** *****@TK2MSFTNG P14.phx.gbl... Does cookieless session state (with the sessionid embedded into the
url) interfere with the browser's retrieval of cached images from one
session to
the next? Does the sessionid embedded into the url effectively limit
client-side image caching to the lifetime of the session?
Thanks
Jake
You have to use absolute urls for your images, I believe. Absolute urls
won't get munged, and so the browser will cache a copy of the image with the
unmunged absolute url as its internet address.
Timo
"Jake" <Ja**@spamspams pam.org> wrote in message
news:#z******** ******@tk2msftn gp13.phx.gbl... A followup. When I check my Temporary Internet Files folder, the same
image is being cached many many times, and the only difference among the urls is
the sessionid. So it would appear that while images are being cached, the
benefit of the caching extends only for the duration of the session. Next
time I visit the website, I must download a new copy of the image because
there will be a new sessionid in the url and the browser won't find the
image in its cache folder.
Jake
"Jake" <Ja**@spamspams pam.org> wrote in message
news:#q******** ******@tk2msftn gp13.phx.gbl... Thanks for the clarification, Bruce. The image urls in the HTML are
relative:
<img src="images/cars/mini.gif">
But the url of the page is munged. I take it that the browser knows how
to ignore the sessionid in the addressbar and can figure out from the HTTP
header that the image above resides at:
www.somedomain.com/images/cars/mini.gif
even if the url of the page on which the image appears contains the
sessionid?
http://www.somedomain.com/(54gfb5zbn.../somepage.aspx
When I look at the image properties in IE, the url lacks the session id.
However, according to PageInfo in Firefox (media tab), the url of the
image contains the sessionid.
Are there any sniffers that would show me whether images are being
downloaded or retrieved from local browser cache?
Regards
Jake
"Bruce Barker" <br************ ******@safeco.c om> wrote in message
news:#g******** *****@TK2MSFTNG P14.phx.gbl... depends. if the image url include the session id, then they only be cached for the session. if your image urls are not munged then they are
cached. normally images are not mapped to asp.net, so the cookie munger will
not see them.
-- bruce (sqlwork.com)
"Jake" <Ja**@spamspams pam.org> wrote in message
news:eC******** *****@TK2MSFTNG P14.phx.gbl...
> Does cookieless session state (with the sessionid embedded into the
url) > interfere with the browser's retrieval of cached images from one session > to
> the next? Does the sessionid embedded into the url effectively limit
> client-side image caching to the lifetime of the session?
> Thanks
> Jake
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: mrbog |
last post by:
Tell me if my assertion is wrong here:
The only way to prevent session hijacking is to NEVER store
authentication information (such as name/password) in the session.
Well, to never authenticate a user from information you got from the
session. Each secure app on a site must challenge the user for name
and password, each and every time the user accesses it (not just once
and then store it in the session). If a secure app is multi-page,...
|
by: Scott |
last post by:
Hello,
we are having problems displaying non-aspx files (images, style
sheets) since we have upgraded to the 1.1 framework when using a
cookieless session (sessionID in the url).
Check out our file system set up below. Now, in an aspx page, we set
as the "src" of our images something like "../images/animage.jpg". If
the current actual url in the browser is something like
http://server/webapp/(someSessionID)/forms/form1.aspx
|
by: Grant |
last post by:
Can anyone explained to me how the session state - cookieless = true work?
Where is the information stored in the URL? I am concern hat some one can
use that to the advantage (hacker). I have session state set to stateserver
so does that make any difference?
Thanks
Grant
|
by: Anthony Williams |
last post by:
Hi gang,
This one looks like a bug :o(
As you may or may not know, setting session management in web.config to use
cookieless sessions causes the ASP.NET runtime to munge a session ID into
the URL, in the format http://yourapplicationpath/(Session.SessionID)/...
which saves numerous headaches when it comes to storing state across page
requests and sessions.
|
by: Bernie Raffe |
last post by:
When I change the 'cookieless' flag in the WebConfig file to true,
everything works fine on my local PC, but the images fail to appear when
using the remote server.
I specify my images throughout using a relative directory structure, such as
'images/topbanner.jpg'. I tried changing this to ~/images/topbanner.jpg and
.../images/topbanner.jpg, but this didn't work locally so I didn't even
bother trying it out remotely.
Tthe problem...
| | |
by: Daniel Malcolm |
last post by:
Hi
I just wanted to confirm that the "cookieless" attribute of the session
section of the web.config file is an "all or nothing" setting.
For some reason I thought that the following was the case:
If "cookieless" is set to false then ...
- If user's browser supports cookies then cookie is used to track Session
|
by: Paul W |
last post by:
Hi -
I don't want to rely on my users having cookies enabled.
If I use Cookieless=True it of course mangles the urls which means there is
no browser caching of the pages, so it is slow.
What are the other options to use to be able to store a small amount of
session data? I know it can be done because, for example,
www.discountasp.net's site doesn't use cookies or cookie-munging, but it
|
by: Water Cooler v2 |
last post by:
What do you mean by a cookieless session state? When you set the
sessionState section's cookieless attribute to true in the web.config
file, what does that mean?
I read this
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfSessionstateSection.asp)
and it does not explain the meaning of cookieless.
|
by: Mark Olbert |
last post by:
I'm building an ASPNET2 website which uses forms authentication but does not use the Microsoft-supplied membership providers (mostly
because I don't want to create my own provider at this point, and the supplied stuff comes with a lot of baggage I don't want/need).
In ASPNET1.1 what I would do was something like the following, after authenticating the user on the login form:
FormsAuthentication.SetAuthCookie(userInfo.UserID, false);
...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
