hello,
I have following session setting in my web.config file:
<configuration>
<system.web>
<sessionState
mode = "InProc"
cookieless="true"
timeout="10"/>
</system.web>
</configuration>
However, when I open my browser I get this in address bar: http://192.168.0.110/blabla/(uzqltc4...pgfn)/faq.aspx
Is there any way I can hide this (sessionID).
Thanks,
--
Vlad Jasovic
Excelle Technologies Inc. http://www.excelleinc.com
"single source for all your computer needs" 6  4673 
Sorry, forgot to mention that I want to have cookieless="true".
Is there any way I can hide sessiodID with these setting on "true"
You are using cookieless sessionstate, so the sessionID has to appear in the address bar.
--Michael.
"Vlad Jasovic" <vj******@excelleinc.com> wrote in message news:4u***********************@news.easynews.com.. . hello,
I have following session setting in my web.config file:
<configuration>
<system.web>
<sessionState
mode = "InProc"
cookieless="true"
timeout="10"/>
</system.web>
</configuration>
However, when I open my browser I get this in address bar:
http://192.168.0.110/blabla/(uzqltc4...pgfn)/faq.aspx
Is there any way I can hide this (sessionID).
Thanks,
--
Vlad Jasovic
Excelle Technologies Inc.
http://www.excelleinc.com
"single source for all your computer needs"
yeah, it really only affects obsessive-compulsive security-o-holics who raise the security of their browsers to block all cookies, People who do that run into quite a few problems in their web-browsing experience, so it serves them right if it doesn't work for them.
use the cookie, they taste good too.
"Tampa .NET Koder" <Ta***********@discussions.microsoft.com> wrote in message news:16**********************************@microsof t.com... Yess-sir-ree, I think its all or nothing. However, having the session in the
browser shouldn't be an issue, its done all the time
"chriscollinson" wrote:
because you have cookieless set to true, that tells asp.net that you cant
save cookies on any of the user's pc, and so it stores the session id in the
url.
if you set it to false, the session id will be removed from the url and
placed inside a cookie on the users pc.
as far as i am aware, you cannot mix and match based on the user. its a
whole or nothing setting.
"Vlad Jasovic" wrote:
hello,
I have following session setting in my web.config file:
<configuration>
<system.web>
<sessionState
mode = "InProc"
cookieless="true"
timeout="10"/>
</system.web>
</configuration>
However, when I open my browser I get this in address bar:
http://192.168.0.110/blabla/(uzqltc4...pgfn)/faq.aspx
Is there any way I can hide this (sessionID).
Thanks,
--
Vlad Jasovic
Excelle Technologies Inc.
http://www.excelleinc.com
"single source for all your computer needs"
The reason why I want to do this without cookies is because this web-site is
for broad audience and some of them (you'd be surprised) do have cookies
disabled.
Problem why I don't want SessionID in browser is because when you add
web-site to favorites it stores SessionID too. Doing some shopping carts and
wouldn't like to see it.
"Raterus" <mo*********@suretar.reverse> wrote in message
news:eW**************@TK2MSFTNGP10.phx.gbl...
yeah, it really only affects obsessive-compulsive security-o-holics who
raise the security of their browsers to block all cookies, People who do
that run into quite a few problems in their web-browsing experience, so it
serves them right if it doesn't work for them.
use the cookie, they taste good too.
"Tampa .NET Koder" <Ta***********@discussions.microsoft.com> wrote in
message news:16**********************************@microsof t.com... Yess-sir-ree, I think its all or nothing. However, having the session in
the browser shouldn't be an issue, its done all the time
"chriscollinson" wrote:
because you have cookieless set to true, that tells asp.net that you
cant save cookies on any of the user's pc, and so it stores the session id in
the url.
if you set it to false, the session id will be removed from the url and
placed inside a cookie on the users pc.
as far as i am aware, you cannot mix and match based on the user. its a
whole or nothing setting.
"Vlad Jasovic" wrote:
hello,
I have following session setting in my web.config file:
<configuration>
<system.web>
<sessionState
mode = "InProc"
cookieless="true"
timeout="10"/>
</system.web>
</configuration>
However, when I open my browser I get this in address bar:
http://192.168.0.110/blabla/(uzqltc4...pgfn)/faq.aspx
Is there any way I can hide this (sessionID).
Thanks,
--
Vlad Jasovic
Excelle Technologies Inc.
http://www.excelleinc.com
"single source for all your computer needs"
"Vlad Jasovic" <vj******@excelleinc.com> wrote in message
news:Y2***********************@news.easynews.com.. . The reason why I want to do this without cookies is because this web-site
is for broad audience and some of them (you'd be surprised) do have cookies
disabled.
It's not unreasonable to inform users that, if they want to use your site,
they will have to enable cookies on their browser...
Problem why I don't want SessionID in browser is because when you add
web-site to favorites it stores SessionID too. Doing some shopping carts
and wouldn't like to see it.
Then, regrettably, a web solution will not meet your needs, at least, not an
ASP.NET / IIS one...
In this case I would recommend not relying on session, but rolling your own
solution. Store an ID in viewstate or something on every page, be sure to
pass it along from page to page. Store your data somehow indexed by this ID,
so that then you can get it any time.
I agree that it is not unreasonable to require your site to only function
properly with cookies enabled. Either that, or give up the ability to
bookmark on favorites. People can't have their cake and eat it too. They
can't go nuts with security and turn everything off - and then expect the
same level of functionality.
"Vlad Jasovic" <vj******@excelleinc.com> wrote in message
news:Y2***********************@news.easynews.com.. . The reason why I want to do this without cookies is because this web-site
is for broad audience and some of them (you'd be surprised) do have cookies
disabled.
Problem why I don't want SessionID in browser is because when you add
web-site to favorites it stores SessionID too. Doing some shopping carts
and wouldn't like to see it.
"Raterus" <mo*********@suretar.reverse> wrote in message
news:eW**************@TK2MSFTNGP10.phx.gbl...
yeah, it really only affects obsessive-compulsive security-o-holics who
raise the security of their browsers to block all cookies, People who do
that run into quite a few problems in their web-browsing experience, so it
serves them right if it doesn't work for them.
use the cookie, they taste good too.
"Tampa .NET Koder" <Ta***********@discussions.microsoft.com> wrote in
message news:16**********************************@microsof t.com... Yess-sir-ree, I think its all or nothing. However, having the session
in the browser shouldn't be an issue, its done all the time
"chriscollinson" wrote:
because you have cookieless set to true, that tells asp.net that you cant save cookies on any of the user's pc, and so it stores the session id
in the url.
if you set it to false, the session id will be removed from the url
and placed inside a cookie on the users pc.
as far as i am aware, you cannot mix and match based on the user. its
a whole or nothing setting.
"Vlad Jasovic" wrote:
> hello,
>
> I have following session setting in my web.config file:
> <configuration>
> <system.web>
> <sessionState
> mode = "InProc"
> cookieless="true"
> timeout="10"/>
> </system.web>
> </configuration>
>
> However, when I open my browser I get this in address bar:
> http://192.168.0.110/blabla/(uzqltc4...pgfn)/faq.aspx
>
> Is there any way I can hide this (sessionID).
>
>
> Thanks,
>
> --
> Vlad Jasovic
> Excelle Technologies Inc.
> http://www.excelleinc.com
> "single source for all your computer needs"
>
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Paul |
last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and
session.use_trans_sid = 1 in my php.ini file. Index.php contains:...
|
by: mrbog |
last post by:
Tell me if my assertion is wrong here:
The only way to prevent session hijacking is to NEVER store
authentication information (such as name/password) in the session.
Well, to never authenticate...
|
by: Darrin J Olson |
last post by:
I am trying to end a session for a site without having to completely close
the browser to end it.
When I access the site and log in it works fine. If I log out and in with a
different account...
|
by: Shock |
last post by:
I am interested in hearing what kind of methods are used to hide
QueryStrings when passing data between aspx pages. For instance, I have a
url that looks something like this:
...
|
by: Chris |
last post by:
When a request comes into a page on my ASP.net site and a session is
not found, I want to detect whether the request is an initial request
or if the user did have a session going that has now been...
|
by: ari |
last post by:
hey all,
i'm trying to make my app as stateless as possible. is it ok to create a
dataset and store in viewstate and whenever the user decides to select a from
that dataset, to move from...
|
by: Gordon Burditt |
last post by:
I had this idea about preventing session fixation, and I'm wondering
what anyone else thinks about it. The idea is, essentially, don't
allow session ids that YOUR PHP didn't generate (and aren't...
|
by: Glenn |
last post by:
Hi
I've been experimenting with managing state using the Session object. I've
created a simple WS with a couple of methods, one which sets a string
value, another that retrieves it.
Each...
|
by: JJ297 |
last post by:
I want to hide the Pin field below in my repeater. How do I do this?
<asp:Repeater ID="Repeater1" runat="server"
DataSourceID="SqlDataSource1">
<ItemTemplate>
<tr>
<td><font...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
