Getting rid of session cookie ("ASP.NET_SessionId")

  • Thread starter Daniel Michaeloff
  • Start date
D

Daniel Michaeloff

Hi all,

I have an application that when finished redirects to a non-ASP.NET app
which is choking on a huge ASP.NET session cookie. The cookie
"ASP.NET_SessionId" gets transmitted by the browser (IE6 in test case)
despite trying Microsoft's suggested method of expiring the cookie first.

I'd like to be able to kill the cookie and do a Response.Redirect() from
within a server-side button handler, but I'm to the point now where I'm
instead redirecting to a third .aspx page whose only job is to remove the
cookie and have a hyperlink out. In its Page_Load:

{
System.Web.HttpContext.Current.Session.Abandon();

HttpCookieCollection cookieColl = HttpContext.Current.Request.Cookies;
String[] names = cookieColl.AllKeys;
System.Web.HttpContext.Current.Trace.Write(String.Format("{0} cookies:",
names.Length));
for (int i = 0; i < names.Length; i++) {
HttpCookie cookie = cookieColl[names];
System.Web.HttpContext.Current.Trace.Write(String.Format(" {0}",
names));
cookie.Expires = DateTime.Now.AddDays(-1);
cookie.Domain = "invaliddomain";
cookie.Path = "invalidpath";
cookie.Value = "invalidvalue";
Response.Cookies.Add(cookie);
}
}

.... but on clicking the hyperlink, the cookie yet lives.

Any ideas? Is this something specific to IE6 perhaps, some security update
that special-cases ASP.NET cookies? Any help is appreciated.

Thanks,
--Dan Michaeloff
 
H

Hans Kesting

Daniel said:
Hi all,

I have an application that when finished redirects to a non-ASP.NET
app which is choking on a huge ASP.NET session cookie. The cookie
"ASP.NET_SessionId" gets transmitted by the browser (IE6 in test case)
despite trying Microsoft's suggested method of expiring the cookie
first.

I'd like to be able to kill the cookie and do a Response.Redirect()
from within a server-side button handler, but I'm to the point now
where I'm instead redirecting to a third .aspx page whose only job is
to remove the cookie and have a hyperlink out. In its Page_Load:

{
System.Web.HttpContext.Current.Session.Abandon();

HttpCookieCollection cookieColl =
HttpContext.Current.Request.Cookies; String[] names =
cookieColl.AllKeys;
System.Web.HttpContext.Current.Trace.Write(String.Format("{0}
cookies:", names.Length)); for (int i = 0; i < names.Length; i++) {
HttpCookie cookie = cookieColl[names];
System.Web.HttpContext.Current.Trace.Write(String.Format("
{0}", names));
cookie.Expires = DateTime.Now.AddDays(-1);
cookie.Domain = "invaliddomain";
cookie.Path = "invalidpath";
cookie.Value = "invalidvalue";
Response.Cookies.Add(cookie);
}
}

... but on clicking the hyperlink, the cookie yet lives.

Any ideas? Is this something specific to IE6 perhaps, some security
update that special-cases ASP.NET cookies? Any help is appreciated.

Thanks,
--Dan Michaeloff
Click to expand...


What probably happens is that the ASP.Net system automatically
adds that cookie, overwriting your "remove this cookie" version.

Try adding a "EnableSessionState=False" to the @ Page directive in the aspx,
maybe this will get rid of the new session cookie.

Hans Kesting
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

cookies not persisting 2
Asp.Net 1.1 - Transparently Encrypting Cookie Data 0
HttpCookie Class Non Readable Members 3
Cookie problem in VB.Net 4
Sessions and Cookies dont work 2
Single-Signin across servers in same domain 0
Endless loop on delete auth cookie/abandon session 0
Intermittent loss of session variables and cookie contents 1

Members online

Total: 72 (members: 1, guests: 71)
Robots: 461

Forum statistics

Threads
473,992
Messages
2,570,220
Members
46,805
Latest member
ClydeHeld1

Latest Threads

Top