using cookies can be risky. For various reasons, cookies do not work with a certain percentage of browsers used to request pages from your Web site.
By default, session state relies on cookies. The session state facility uses the ASP.NET_SessionID cookie to track users as they move from page to page. If the cookie cannot be added to a user's browser, every request made by the user starts a new user session. Any session data associated with that user is lost when a new page is requested.
The ASP.NET framework includes an option to enable cookieless sessions. Cookieless sessions enable you to take advantage of session state without relying on browser cookies.
Cookieless sessions are implemented with a clever trick. When a user makes the first request to a Web site with cookieless sessions enabled, the URL used for the request is automatically modified to include the user's session ID. For example, if a user makes a request for http://mysite.com/mypage.aspx, the request is automatically modified to http://mysite.com/(nd4vqe2fnbmnwi451fwvda45)/mypage.aspx. The part of the URL that appears in parentheses is the session ID for the current user.
After the session ID is embedded in the URL of the first page request, the session ID will continue to be associated with the user throughout his or her visit to the Web site. The session ID is passed as part of the base URL whenever the user clicks a relative link or submits a form.
Because the session ID is automatically passed from one page to another, the user can be tracked without relying on a cookie. So, by using cookieless sessions, you get all the advantages of session state without the worries about browser incompatibility.
قوانین ایجاد تاپیک در تالار
پاسخ با نقل قول