I have several .net applications running on a webserver. I recently
installed the patches to the system to stop the worm virus that was going
around last week. Since that time I ran into a problem with session state.
Prior to this each application was configured to have sessionState,
cookieless=false. However for some reason after installing the patches one
and only one application began to run into problems with session data not
being available from one web page to the other. I noticed if I changed my
client browser to have its cookie security level moved from Medium(default)
to low it worked but as this is not the default for browsers this would not
be a good setup.(the odd thing is the other apps are working fine) So I was
told by a friend that he's surprised that applications ever worked and that
it must have been a fluke. He said I needed to change the cookieless value
to true, which partially worked but now I have issues with changing all of
my anchor tags to be link buttons, some values still cannot be retrieved
form session values(iframe pages), and the fact that it looks less
professional to have the session id incorporated into the URL.
Do you know of any reason why some apps would continue to work fine without
changing to cookieless=false? Is it true I need to have cookiesless set to
true in order to get client browsers to work without changing their default
cookie level? I had messed around with trusted assemblies at one time maybe
that had something to do with the application working but I'm not even sure
what that does and if it would have any affect on this. Do you think I
could simply trust the assembly somehow and it would work with cookieless
set to false?
Thanks
Karl
