I am losing the ASP.NET_SessionId when switching between pages on my site. The issue happens in Chrome/Firefox/Safari. It does not happen in IE. It is rather strange...here is my scenario.
My site can be accessed by entering www.example.org or example.org in browser (this is an important piece of info as you will see).
I enter example.org. From my home page, I log into to my site (note: I am not using ASP.NET forms authentication). I am sent to my default user page (e.g., userpage.aspx). From this page, I click on an <a>
that sends me to a different page on my site. The <a>
link is full-qualified (e.g., http://www.example.org/page2.aspx). When I get sent to the new page, my session is lost!
So, I ran Fiddler to try and discover the problem. What I found was interesting. The Request Header tag Referer was getting lost between pages.
Here are the steps:
<a>
(e.g., http://www.example.org/page2.aspx). After the page is rendered, the ASP.NET_SessionId is lost.The lost ASP.NET_SessionId is lost consistently is Chrome/Firefox/Safari. This does not happen in IE.
If repeat the above steps by substituting example.org with www.example.org, the ASP.NET_SessionId is not lost. It works, correctly each time.
Any thoughts on this behavior?
Net_SessionId is a cookie which is used to identify the users session on the server. The session being an area on the server which can be used to store data in between http requests. For example, the controller action may perform: Session["FirstName"] = model.
AspNet. ApplicationCookie basically is created when you use cookie authentication in your application. This cookie is created by the server on user request and is stored by the browser. AspNet. ApplicationCookie gets sent with each subsequent request to inform the server the identity of the logged in user.
cookieless means that the sessionId is munged into the url for each request as opposed to setting a cookie on the browser.
Add this to your web.config under the <system.web> element
<httpCookies domain=".mysite.com" />
See if there is any change in behavior. It sounds as though sub-domains are failing although I thought the cookie was based at the root domain to begin with. this should force it that way.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With