Does Response.Redirect("~/MyPage.aspx", true); clear session on redirect?
-
I have a application that did use query strings and IFrames. I changed all of the IFrames to usercontrols and stored what was being passes as query strings to Session variables. In my usercontrols I use Response.Redirect("~/MyPage", true); to navigate. I seem to be loosing Session and was not sure of the cause. My question is does this method of navigation clear session? Also, if this does clear session how can I do a redirection to another webpage from with-in usercontrols & nested usercontrols from the code behind and still retain session? Thanks, Steve Holdorf
-
I have a application that did use query strings and IFrames. I changed all of the IFrames to usercontrols and stored what was being passes as query strings to Session variables. In my usercontrols I use Response.Redirect("~/MyPage", true); to navigate. I seem to be loosing Session and was not sure of the cause. My question is does this method of navigation clear session? Also, if this does clear session how can I do a redirection to another webpage from with-in usercontrols & nested usercontrols from the code behind and still retain session? Thanks, Steve Holdorf
I thought the response.redirect took 1 argument. The session values hold on all pages, the lifetime of using the website unless 20 minutes of non-activity passes by, then it expires. Or a session.remove is issued. But you do have to check for the existence of the session object first, before trying to use the value, or before removing or destroying the object.
-
I thought the response.redirect took 1 argument. The session values hold on all pages, the lifetime of using the website unless 20 minutes of non-activity passes by, then it expires. Or a session.remove is issued. But you do have to check for the existence of the session object first, before trying to use the value, or before removing or destroying the object.
The second argument terminates the current response. It's a good idea to set that to true usually. You are correct, and in my experience this holds true - nothing in the Response.Redirect behavior affects session values. Possibly he's storing sessions without cookies, and he's losing the query string value which is used in that case to keep the session alive. Keep in mind, Response.Redirect is a CLIENT-SIDE redirect, meaning control goes back to the browser, and it requests the new page. When that request comes in, it looks like a new request, so if there's no cookie to tell the server the SessionID, it's going to be lost if you don't pass the query string value back as part of the redirect URL. I often take advantage of that to "reset" the current page by redirecting back to itself. In other words... this might work...
Response.Redirect("~\Page.aspx?" + Request.QueryString.ToString(), true);
-
The second argument terminates the current response. It's a good idea to set that to true usually. You are correct, and in my experience this holds true - nothing in the Response.Redirect behavior affects session values. Possibly he's storing sessions without cookies, and he's losing the query string value which is used in that case to keep the session alive. Keep in mind, Response.Redirect is a CLIENT-SIDE redirect, meaning control goes back to the browser, and it requests the new page. When that request comes in, it looks like a new request, so if there's no cookie to tell the server the SessionID, it's going to be lost if you don't pass the query string value back as part of the redirect URL. I often take advantage of that to "reset" the current page by redirecting back to itself. In other words... this might work...
Response.Redirect("~\Page.aspx?" + Request.QueryString.ToString(), true);
-
I did a quick test on redirect, and it only asked for 1, but some function have options, so I missed that. [EDIT] So since my post was down voted, I will delete the information I posted.
Yeah if you turn off cookies the session still works by using query strings, and it will default to this mode if a user has set their option to not accept cookies, so you don't have total control over it. It's a good idea to make sure you're saving query strings for that rare case, even if you turn cookies on in the web.config. This is the key element:
...I usually put the "cookieless" to "AutoDetect" because if you pick "UseCookies" and the user has cookies disables, it won't throw an error, but it won't establish a session either. If you're using a web farm, you have to use mode=SQLServer or Custom, where you have to implement session management yourself.