All geek questions in one place

Why Asp.net MVC4 Cannot Use SQL Server Session State Cookie Cookieless

ALL, Here is my web configuration in an ASP.NET MVC4 application. I found that if I set cookieless false, everything will be fine. but if I do not want to use a cookie. then the application cannot work. When I debug the application, I found that the controller cannot receive any request from the view. I think this is because when in cookie-free mode something will be added to the URL earlier. e.g. http: // localhost: 8119 / (S (3cicpjpagvpunr5he5fnfrj1)) /.

<configuration> <configSections> <sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="webAssets" type="Telerik.Web.Mvc.Configuration.WebAssetConfigurationSection, Telerik.Web.Mvc" requirePermission="false" /> <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 --> <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=4.4.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" /> </sectionGroup> </configSections> <connectionStrings> <add name="..." connectionString="..." providerName="System.Data.SqlClient" /> </connectionStrings> <appSettings> <add key="webpages:Version" value="2.0.0.0" /> <add key="webpages:Enabled" value="true" /> <add key="PreserveLoginUrl" value="true" /> <add key="ClientValidationEnabled" value="true" /> <add key="UnobtrusiveJavaScriptEnabled" value="true" /> </appSettings> <system.web> <customErrors mode="Off" /> <httpRuntime executionTimeout="14400" maxRequestLength="716800" /> <compilation debug="true" targetFramework="4.0" /> <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880" /> </authentication> <pages> <namespaces> <add namespace="System.Web.Helpers" /> <add namespace="System.Web.Mvc" /> <add namespace="System.Web.Mvc.Ajax" /> <add namespace="System.Web.Mvc.Html" /> <add namespace="System.Web.Routing" /> <add namespace="System.Web.WebPages" /> <add namespace="Telerik.Web.Mvc.UI" /> </namespaces> </pages> <profile defaultProvider="DefaultProfileProvider"> <providers> <add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" /> </providers> </profile> <membership defaultProvider="DefaultMembershipProvider"> <providers> <add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <roleManager defaultProvider="DefaultRoleProvider"> <providers> <add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" /> </providers> </roleManager> <!-- <sessionState mode="InProc" timeout="30" customProvider="DefaultSessionProvider"> <providers> <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" /> </providers> </sessionState> --> <sessionState mode="SQLServer" cookieless="true" sqlConnectionString="data source=xxxx; User ID=xxxx; password=xxxx" timeout="300" sqlCommandTimeout="10" /> <httpHandlers> <add verb="GET,HEAD" path="asset.axd" validate="false" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" /> </httpHandlers> </system.web> <system.webServer> <security> <requestFiltering> <requestLimits maxAllowedContentLength="3000000000" /> </requestFiltering> </security> <validation validateIntegratedModeConfiguration="false" /> <modules runAllManagedModulesForAllRequests="true" /> <directoryBrowse enabled="true" /> <handlers> <remove name="asset" /> <add name="asset" preCondition="integratedMode" verb="GET,HEAD" path="asset.axd" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" /> </handlers> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" /> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" /> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="2.0.0.0" /> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="Microsoft.WindowsAzure.StorageClient" publicKeyToken="31bf3856ad364e35" culture="neutral" /> <bindingRedirect oldVersion="0.0.0.0-1.7.0.0" newVersion="1.7.0.0" /> </dependentAssembly> </assemblyBinding> </runtime> </configuration>
+4
source share
1 answer

Where cookieless="true" , there is an error in the Html.BeginForm() helper (one that takes no arguments). When generating the URL, it does not take into account the session identifier. Therefore, instead of:

 <form action="/(S(kkt0zgbnuaoxad23ew33iod4))/home/index" method="post">

it generates:

 <form action="/home/index" method="post">

When you send a message to /home/index , redirects are automatically converted to /(S(kkt0zgbnuaoxad23ew33iod4)) using ASP.NET. Forwarding means a GET request => your POST action will never be deleted.

As a workaround, you can write a special Html.BeginForm helper to fix the error:

 public static class FormExtensions { public static IDisposable MyBeginForm(this HtmlHelper htmlHelper) { var rawUrl = htmlHelper.ViewContext.HttpContext.Request.RawUrl; var formAction = htmlHelper.ViewContext.HttpContext.Response.ApplyAppPathModifier("~/") + rawUrl; var builder = new TagBuilder("form"); builder.MergeAttributes(new RouteValueDictionary()); builder.MergeAttribute("action", formAction); builder.MergeAttribute("method", HtmlHelper.GetFormMethodString(FormMethod.Post), true); htmlHelper.ViewContext.Writer.Write(builder.ToString(TagRenderMode.StartTag)); var form = new MvcForm(htmlHelper.ViewContext); return form; } }

and then use:

 @using (Html.MyBeginForm()) { ... }

As for the other BeginForm helper overloads, they should work fine and generate the correct action containing the session identifier.

+6
source

Source: https://habr.com/ru/post/1441040/

More articles:


All Articles