Mixed Mode Cookieless/Cookie Sessions in ASP.NET

797 views Asked by At

Cookies in ASP.NET are causing me some problems.

For the most part, I want to use cookieless sessions. This is mainly to get around a problem where safari won't let me set the cookies from an iFrame. So that part all works fine. Cookieless sessions do the job.

However, I have a page which is called from a POST. It uses a post to pass in a hidden field from a form which then does some stuff....you don't really need to know what.

So it turns out that when cookieless sessions are on, the POST is disabled and only GETS can happen in ASP.NET web forms. This is breaking my functionality.

What I want to do is add a web.config to the folder that contains my POSTing pages to go back to normal cookie sessions so I can get my POSTs working again, but this doesn't work.

<?xml version="1.0"?>
 <configuration>
  <system.web>
     <sessionState cookieless="false" />
  </system.web>
 </configuration>

Does anyone know a way of making a folder work with normal cookie sessions while the rest of the site works with cookieless sessions?

1

There are 1 answers

0
Ross Vernal On BEST ANSWER

I've found a solution to this:

What I do is create an HTTP Handler (a .ashx file). This takes specific post values form Request.Form and tags them on as Querystring parameters. This then does a redirect to my original page which now looks for Querystring params instead of Form ones. Phew!

The HTTP handler is what my app posts to now - it was a Facebook Signed request.

So the good news is, that I can use HTTP Handlers now - you learn something every day.