Stack Overflow
Stack Overflow

Questions tagged [cookieless]

Cookieless is a property in ASP.NET SessionStateSection indicating whether cookies are used to identify client sessions.

In ASP.NET SessionStateSection.Cookieless property gets or sets a value indicating whether cookies are used to identify client sessions.

Read more at MSDN

118 questions
126
votes
2 answers

How to do stateless (session-less) & cookie-less authentication?

Bob uses a web application in order to achieve something. And: His browser is on diet, therefore it does not support cookies. The web application is a popular one, it deals with a lot of users at a given moment - it has to scale well. As long as…
turdus-merula
  • 8,546
  • 8
  • 38
  • 50
25
votes
3 answers

Which one is better, InProc or SQL Server, for Session State mode in asp.net?

I am developing an ASP.NET website. I want to know which one is better in session state mode: InProc or SQL Server? I need to hear about your experiences on this issue. Another question is about cookieless attribute. Is there any security hole in my…
Ali Foroughi
  • 4,540
  • 7
  • 42
  • 66
22
votes
5 answers

How do I setup IIS with a cookieless domain to improve performance?

I was reading in google's documentation their new pagespeed plugin, that they recommend using cookieless domains to improve performance: Static content, such as images, JS and CSS files, don't need to be accompanied by cookies, as there is no user…
Keltex
  • 26,220
  • 11
  • 79
  • 111
11
votes
2 answers

Difference with regenerateExpiredSessionId="false" and regenerateExpiredSessionId="true" .net

My understanding from http://msdn.microsoft.com/en-us/library/system.web.configuration.sessionstatesection.regenerateexpiredsessionid.aspx meaning of regenerateExpiredSessionId="false" was that if a session id expired it will NOT be re used if…
nLL
  • 5,662
  • 11
  • 52
  • 87
10
votes
2 answers

Problems trying to create a cookieless domain due to Adsense

Following the advice on google's pagespeed addon, I moved my static content (images, css, javascript files) to a subdomain of my site on which there should be no cookies, thus saving some space in the request headers for each request for these…
Rincewind42
  • 237
  • 1
  • 10
9
votes
4 answers

Creating cookieless application on development machine with asp.net

I tried posting this on ServerFault with no luck so i am trying here. I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead…
ak3nat0n
  • 6,060
  • 6
  • 36
  • 59
7
votes
1 answer

Cookieless sessions and IIS7 causes a redirect loop

I have an ASP .NET website that uses cookieless sessions. When the initial request is made to the site using a url such as: http://localhost/site IE just displays the standard "Internet Explorer cannot display the webpage" message. Firefox is a bit…
Carl
  • 2,483
  • 4
  • 28
  • 30
7
votes
6 answers

Asp.net forms authentication login loop

How do you solve the infinite login loop problem when you are using cookieless sessions and cannot change the name of login.aspx to a httphandler ? i.e. When a user with admin rights hits the logout button and the return url to a restricted page is…
Element
  • 3,981
  • 7
  • 42
  • 51
7
votes
2 answers

How does ASP.Net Cookieless work ?

I try to set the in my web.config but I don't know what are they. I would like to know about ASP.Net . AutoDetect UseCookies UseDeviceProfile UseUri true false Let…
kst
  • 1,498
  • 3
  • 19
  • 34
7
votes
3 answers

POST requests fail when is set

Consider the following case: A web server is running a .NET app with . A client is POSTing data to it using a simple HttpWebRequest (no cookies). This seemingly simple case causes major failure. Since .NET…
Anton
  • 4,554
  • 2
  • 37
  • 60
7
votes
3 answers

Will this protect me from Etag tracking?

Background: ETag tracking is well explained here and also mentioned on Wikipedia. An answer I wrote in a response to "How can I prevent tracking by ETags?" has driven me to write this question. I have a browser-side solution which prevents ETag…
Hello World
  • 925
  • 7
  • 18
6
votes
1 answer

django REST facebook authentication

I have a site that allows Facebook authentication using django-social-auth Now I also need to authenticate using a non-cookie-based API. My idea is to include a "sessionid=" as a POST field (it will be using HTTPS). So far I managed to "fool" django…
Lem0n
  • 1,217
  • 1
  • 14
  • 22
6
votes
3 answers

SessionID changing across different instances in Azure (and probably in a web farm)

I have a problem with an Azure project with one WebRole but multiple instances that uses cookieless sessions. The application doesn't need Session storage, so it's not using any session storage provider, but I need to track the SessionID.…
vtortola
  • 34,709
  • 29
  • 161
  • 263
6
votes
4 answers

How to solve [Serve the following static resources from a domain that doesn't set cookies]

I'm struggling in something i don't know at all. When the time i ping my website, i got this result: [Serve the following static resources from a domain that doesn't set cookies:]. And, this result caused from the images which i used for background…
Jornes
  • 287
  • 1
  • 3
  • 15
6
votes
3 answers

Disable cookies set by the google plus one button

When I place the following code on my site for a nice standard +1