How to remove AspxAutoDetectCookieSupport

Question

Many of my url\'s on my site www.mysite.com/Display.aspx?ID=128

gets displayed to users as

www.mysite.com/Display.aspx?ID=128&AspxAutoDetectCookieSuppor

Answer 1

To remove this, change the cookieless property of sessionState in your web.config to false.

e.g.

When cookieless is set to autodetect, the framework generates the AspxAutoDetectCookieSupport querystring to determine if the client has cookie support. If the client does not have cookies enabled, ASP.Net will store the users Session Id directly in the URL.

An application using ASP.Net cookieless session support http://i.msdn.microsoft.com/Aa479314.cookieless01(en-us,MSDN.10).gif

An application using ASP.Net cookieless session support

This potentially opens up your application to session hijacking and might be considered a risk. A better option may be to disable this feature and alert your users that they will need to have cookies enabled to use your application.

For more a more detailed look at this, read Cookieless ASP.Net by Dino Esposito on MSDN.