Cookieless session problems

[Scott]

Hello,

we are having problems displaying non-aspx files (images, style
sheets) since we have upgraded to the 1.1 framework when using a
cookieless session (sessionID in the url).

Check out our file system set up below. Now, in an aspx page, we set
as the "src" of our images something like "../images/animage.jpg". If
the current actual url in the browser is something like
http://server/webapp/(someSessionID)/forms/form1.aspx
then the url of the image could be interpreted as something like
http://server/webapp/(someSessionID)/forms/form1.aspx/../images/animage.jpg
(I think). (In the rendered html, of course, the image tag looks
like: <img src="../images/animage.jpg">.)

In the old framework, this way of specifying the image src url (ie.
relative url) with cookieless sessions worked. However, in the new
framework (1.1), it does not work. In testing, though, if we manually
type the following url in the browser, the image is correctly
retrieved:
http://server/webapp/(someSessionID)/forms/form1.aspx/../../images/animage.jpg

It seems that ASP/IIS takes the session ID in the url as a real part
of the path.

The above solution (adding another set of "../" if the
Session.IsCookieless=false) to all url's for images, stylesheets,
javascript files, etc is a possible workaround, but we think it's
ugly. (Alternatives would be greatly appreciated.)

So we are stumped. Frankly, we are surprised that more people have
not brought this issue to the newsgroups' attention.


--our set-up---
Virtual Directory : http://server/webapp
located at: c:\inetpub\wwwroot\webapp
and images at: c:\inetpub\wwwroot\webapp\images
aspx forms at: c:\inetpub\wwwroot\webapp\forms


Scott
Jerome

 

[Scott]

Hi Cowboy,

We use your method #2 to link to images (stylesheets, javascript
files, etc). Let me see if I can explain this in a better way.

If we store the session in a cookie, things would look like this:
current page url : http://server/virtual/forms/form1.aspx
which could have an image tag with src="../images/image.gif"
which would mean that the _absolute_ url of the image that the browser
will use to get it is something like:
http://server/virtual/forms/../images/image.gif

If we store the session id in the url (cookieless), then things turn
into this:
current page url :
http://server/virtual/(1c3ejx25cbrwkin03vb4wsrb)/forms/form1.aspx
with an image tag src="../images/image.gif"
which leads to an "absolute" url for the browser of:
http://server/virtual/(1c3ejx25cbrwkin03vb4wsrb)/forms/../images/image.gif


This is the problem (I think): When we use a relative url for
non-aspx pages, IIS does not give "control" to the aspnet process, so
the session id is not stripped out of the url, which means that IIS
thinks (if it does) that the session id is just another directory of
the url. I do use the "engine" in some other applications, notably
where the images are coming from a db and such, but it would be nice
if i did not have to do the same things for style sheets (etc).

I also think it is strange that we only noticed this problem after
installing the 1.1 Framework.

Thanks,
Scott

 

[levous]

problems displaying images, style sheets using cookieless session
(sessionID in the url) - cookieless session broken images.

Finally... I found the answer! at least in my case.
Hope this helps!
Check your isapi filters in iis. Make sure ASP.net is included and
running. Here's how.

open internet services manager
right clik on the server node and choose properties
master properties <edit>
(tab) isapi flters
look for an entry "ASP.NET_x.xx.x.x.x"
if it is not there, this is your problem!

<add> ASP.Net
C:\WINNT\Microsoft.NET\Framework\v1.0.3705\aspnet_filter.dll

the above value is for 1.0.3705
you should use whichever version you are running.
restart iis

 

[Scott]

We haven't been able to try it yet to see if this was our problem (IIS
filter was empty though).

Thank you, levous, for your solution. Been looking for something like
this for a long time; thanks.

Scott