问题
In looking at persisting user information across a web session (.Net MVC), if we use a state server and set cookieless=true, is there still a cookie stored on the user's system, as it relates to the .Net authentication, etc.
We would also use the state server to store what would have been used in a session object.
I to realize that some cookies are good - ie, AntiXsrfToken and __RequestVerificationToken. Apart from these, we are looking for a fully cookieless solution.
Thank you.
回答1:
if we use a state server and set cookieless=true, is there still a cookie stored on the user's system?
This question is incomplete.
I can only give you the answer you're looking for: when using cookieless=true, ASP.NET will not use cookies on the client machine to store the session ID. That is all that this setting does in regard to cookies.
If you use user controls or application code that do use cookies, those are unaffected by that setting - such cookies will still be sent to the visitor's machine.
来源:https://stackoverflow.com/questions/33282619/does-using-session-state-stateserver-and-cookieless-true-still-store-cookies-on