Is it safe to access asp.net session variables through static properties of a static object?
Is it safe to access asp.net session variables through static properties of a static object?
session
ASP.NET Session Mix-up using StateServer (SCARY!)
We store two objects in session. Somehow, one of the objects from another user got loaded into a different user’s session. The user should have had no access to this particular data, and as soon as they saw it they knew something was very wrong.
ASP.Net Session
I am wanting to store the “state” of some actions the user is performing in a series of different ASP.Net webforms. What are my choices for persisting state, and what are the pros/cons of each solution?
how to Destroy all sessions at one Time in asp.net?
I want destroy all sessions at one time. I have tried Session.Abondon() method but I don’t know why this is not destroying all the sessions.
ASP.NET MVC – Is there a way to simulate a ViewState?
I have the following situation… In a certain View, the user must select the initial hour, the final hour and the weekday. But, I can’t save this informations to DB ’cause I need to save my whole page and I need the primary key of the primary table, but that’s not the point.
ASP to ASP.NET Session Variables
We have a website in classic asp that we are slowly migrating to ASP.NET as necessary.
Pros and Cons of using ASP.NET Session State Server (instead of InProc)?
Before I start using Session State server for the benefit of making session state more robust in my apps compared to InProc state, I’d like to find a list of Pros and Cons for evaluation.
How do I mock/fake the session object in ASP.Net Web forms?
Is there a way to mock/fake the session object in ASP.Net Web forms when creating unit tests?
Is encrypting session id (or other authenticate value) in cookie useful at all?
In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption.
How do you programmatically end a session in asp.net when Session.Abandon() doesn’t work?
Session.Abandon() doesn’t seem to do anything. You would expect the Session_end event to fire when Session.Abandon() is called.