Today started a brand new ASP.NET Core site. Followed the instructions to add sessions. We print out the Session ID on the index page, and it is always unique.
I figure it may be cookie compliance, so I nuked all cookies, both in Chrome's advanced settings and debugger. But the banner won't reappear for me to accept.
I also tried simply disabling CheckConsentNeeded, but that also had no impact.
Pretty much a duplicate from the default project plus MSDN, except for the tweaks described above:
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
// Set a short timeout for easy testing.
options.IdleTimeout = TimeSpan.FromSeconds(10);
options.Cookie.HttpOnly = true;
//options.Cookie.SecurePolicy = CookieSecurePolicy.Always; //require https
// Make the session cookie essential
options.Cookie.IsEssential = true;
});
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => false; //true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseSession();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
Wiktor Zychla was correct in the first comment: you must assign any data for the ID to stick.
I simply assigned any data to the session in my controller:
public IActionResult Index()
{
HttpContext.Session.Set("What", new byte[] { 1, 2, 3, 4, 5 });
}
After that, HttpContext.Session.Id
did not change, as one would expect.
As my first foray into ASP.NET Core from ASP.NET Framework, I didn't expect that, and I am sure I won't be the last!
Zoop's answer inspired me, but as my comment suggests, it becomes messy should your application have a lot of actions. Based on their answer, I came up with this:
Create a base controller for your application if you don't have one already. Derive all of your existing controllers from that controller. Override the base method that behaves like the old Page_Load
from ASP.NET. OnActionExecuting
gets invoked before any action code does.
public class MyApplicationController : Controller
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
base.OnActionExecuting(filterContext);
HttpContext.Session.Set("What", new byte[] { 1, 2, 3, 4, 5 });
}
}
EDIT: This is an imperfect solution as well. I have abandoned trying to use Session
at all in my MVC project. This will work in cases where you don't do anything but GET
and POST
. (eg, $ajax
will mess this up.)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.