problem with aspx url - asp.net

i m building website in asp.net
when i run my pages
i expect that my brower should display url like this
http://www.fixpic.com/uploo.aspx
but instead of this it displays
http://www.fixpic.com/(S(vqr0tz45005i2c450544ut45))/uploo.aspx
what could be the reasons behind it,,might be coz i m trying to make sessions but if that is the case than how can i remove these long characters from the url

This is because url is used to track session id instead of cookies. This setting is normally configured in web.config by the sessionState element. If you use cookieless="true" it will use urls. Set it to false and cookies will be used.

you have set it to use the url for sessions (cookieless) so this is the sessionid, you will see a line similar to the one vbelow, if you want to set the seesion back to cookies just remove the cookieless=true
<sessionState mode="InProc" cookieless="true"/>

Related

Changing aspx website urls

I have a web site. URLs com/default.aspx form should appear. But when I click on the URL (com/(S (the hito5tqogutqn21tcn2mozjrr))/default.aspx) as it seems. How do I fix it. URLs with a random number itself is changing.
Check this: https://msdn.microsoft.com/en-us/library/aa479314.aspx
This is happening probably because (unless, you have specified explicitly to use the uri for session id management, which I think, is not the case) the browser does not allow cookies (either for your web site or for all) and Asp.Net detects this and appends the session id to the uri because otherwise your site would not be able to support sessions.
In fact, this is the most secure approach, allowing session state to be available even if the user had disabled cookies.
You can change this behaviour by specifying the following in your web.config file:
<system.web>
<sessionState cookieless="UseCookies" />
</system.web>
After that, you will not see the session Id in the Uri, but users whose browsers do not accept cookies from your web site will not be able to have a session state.
At this point, defining a privacy policy for your web site might help your cookies to be accepted by the browsers:
https://msdn.microsoft.com/en-us/library/ms178194.aspx

IIS Express redirects to URL with some kind of session ID

Normally when I start my application, a browser window is opened with the URL
http://localhost:12345/
Since some change in some configuration, this gets redirected to
http://localhost:12345/(S(presumablySomeBase64EncodedValue))
Then, all the relative links like home/index become
http://localhost:12345/(S(presumablySomeBase64EncodedValue))/home/index
which produces HTTP 501s on the server
I have no idea what this is and how to get rid of it. I don't even know the name of this base-64 value. Is it a session ID?
Thanks for any hints.
in your web.config file, add this:
<sessionState cookieless="UseCookies" />
under system.web tag.

ASP MVC - Bunch of random characters in POST request route string

I am trying to log in to my own application, and i have discovered something strange. When I am sending a POST request to a login controller, it somehow redirects itself to a GET login controller, and displays login form with an action set to http://localhost:5898/(X(1)S(1tgv3m2psb2cxqaw4koiyhyt))/Account/Login. Now what the hell is this (X(1)S(1tgv3m2psb2cxqaw4koiyhyt)) thing? Why is it there, and what does it do? And on top of that, how do i get rid of it? I do not want it in there...
It appears that you have set the session provider in your web.config (or on IIS) to use a Cookieless session state. This is the session identifier for your session.
http://msdn.microsoft.com/en-us/library/aa479314.aspx#cookieless_topic2
To get rid of it, you would need to change your sessionState element in your web.config to cookieless="false"
SessionState Web.Config element information
Those things are seen in asp.net when you disable cookie in your browser or your application settings. that is cookieless asp.net. you can start debugging your app from there.
hope it helps

How can I remove the ASP.NET Session ID from my URL?

How can I remove the identifier from my URL?
In this example URL I need just index.aspx, how do I remove (S(w0uz0245gtucb3am0k5w5g55))?
http://www.example.com/(S(w0uz0245gtucb3am0k5w5g55))/index.aspx
Your webserver is rewriting your urls to include the session state because you have configured your site to not use cookies.
If you look at your site's web.config file, you will probably find this line:
<sessionState cookieless="true" />
If you change the value to "false" if will solve your problem (or just remove the line entirely - the default value is false)
More information about this configuration can be found here and here.
You could wrap your entire application in an iFrame. Nobody would see the long URL.

Mixed Mode Cookieless/Cookie Sessions in ASP.NET

Cookies in ASP.NET are causing me some problems.
For the most part, I want to use cookieless sessions. This is mainly to get around a problem where safari won't let me set the cookies from an iFrame. So that part all works fine. Cookieless sessions do the job.
However, I have a page which is called from a POST. It uses a post to pass in a hidden field from a form which then does some stuff....you don't really need to know what.
So it turns out that when cookieless sessions are on, the POST is disabled and only GETS can happen in ASP.NET web forms. This is breaking my functionality.
What I want to do is add a web.config to the folder that contains my POSTing pages to go back to normal cookie sessions so I can get my POSTs working again, but this doesn't work.
<?xml version="1.0"?>
<configuration>
<system.web>
<sessionState cookieless="false" />
</system.web>
</configuration>
Does anyone know a way of making a folder work with normal cookie sessions while the rest of the site works with cookieless sessions?
I've found a solution to this:
What I do is create an HTTP Handler (a .ashx file). This takes specific post values form Request.Form and tags them on as Querystring parameters. This then does a redirect to my original page which now looks for Querystring params instead of Form ones. Phew!
The HTTP handler is what my app posts to now - it was a Facebook Signed request.
So the good news is, that I can use HTTP Handlers now - you learn something every day.

Resources