Why do Asp.net web project have garbage values in the url?

Question

I have tried googling and searching for this issue on SO - but have had little success - primarily because I am not sure whether I am searching right.

I am working on an ASP.Net Web Application Project (not website) using Visual Studio 2008, C# and Cassini for testing.

However, everytime I run the site, I get a URL such as:

http://localhost:8671/(S(saifdk55xyhalrqbstrtrdiw))/SubjectClassTeacher/Default.aspx

Even if I modify the URL and try to go to:

http://localhost:8671/SubjectClassTeacher/Default.aspx

I am redirected back to this URL.

The garbage value in the center: (S(saifdk55xyhalrqbstrtrdiw)) keeps changing every few times I compile and I have no idea why it gets injected or how to disable it.

Could anyone throw any light on this issue? Primarily, I would like to know why this happens and how do I disable this.

Because this happens when I deploy the website on IIS as well. Any help is appreciated.

Thank you.

Answer 1

This is a clever feature in ASP.NET* called cookieless sessions. It works by injecting your session ID into every URL, so ASP.NET can tell the difference between user A who visits a page, and user B who visits the same page. Normally this is accomplished with cookies, but this approach removes the dependency on the end-user having them enabled.

From MSDN:

...you don't have to change anything in your ASP.NET application to enable cookieless sessions, except the following configuration setting.

<sessionState cookieless="true" />

*The concept is not exclusive to ASP.NET, but it is baked into ASP.NET and - as you've discovered - can be turned on with no particular effort on the part of the developer.