Asp.net uses cookie for making session id travel. This behavior is default and we can change to some other source also if we don’t want to depend on browser.
Cookieless option is provided by asp.net which means session id will travel using other source and that is using URL.
URL also travels between request and response but they are visible in the browser which leads to some changes in programming and also some malfunctioning changes.
During Forms authentication also our ticket travels between request and response using cookie only.same solution i.e URL/URI based ticket is used as alternate for security.
Both are highly encrypted.
Syntax:
<system.web>
<sessionstate timeout=”10” cookieless=”true/false”></sessionstate>
</system.web>
No comments:
Post a Comment