为什么/时，是会写入易受线程终止？ [英] Why/when are session writes vulnerable to thread termination?

问题描述

总code：

 会话[富] =酒吧;
的Response.Redirect（foo.aspx）;
 

问题：

在foo.aspx从会议上写着富，它不存在。在会议的是存在的，但有一个为foo的没有价值。

我在我们的生产环境间歇观察到这种。但我不是说这里问<一个href=\"http://stackoverflow.com/questions/2203586/redirect-to-webapp-default-document-when-another-page-is-specified\">a有关的Response.Redirect（）问题。

的解释：

<一个href=\"http://weblogs.asp.net/bleroy/archive/2004/08/03/Don_2700_t-redirect-after-setting-a-Session-variable-_2800_or-do-it-right_2900_.aspx\"相对=nofollow>伯特兰·勒罗伊解释（加粗的是我的）：

  

现在，什么重定向所做的是送
  特别头的客户端，以便
  它要求在服务器上为不同的
  页面比它在等待之一。
  服务器端后，发送此
  头，重定向结束该反应。
  这是做了一个很暴力的东西。
  到Response.End实际上停止
  页面执行无论它是
  使用一个ThreadAbortException。什么
  真的会发生在这里的是，
  会话令牌丢失在战斗。

我的外卖存在着的Response.Redirect（）可以重手结尾线程。这可能威胁，如果它们发生太近高压手段我会写的。

问题：

有关ASP.NET会话管理是什么使得它如此脆弱呢？直到会话写行完成code的的Response.Redirect（）行不开始执行 - ？怎么能说是我写的会话这样的威胁。

有关会话写什么没有完成的code执行下一行之前？是否有其他方案中的会话写入也同样（就好像它们从来没有发生），失去了什么？

解决方案

测试了几种选择（的Response.Redirect（...，FALSE），Server.Transfer的（），以及其他的解决方案后，我现在不能回忆），我们只找到一个可靠的回答这个问题。

从移动我们的是InProc会话状态的SqlServer有效根除，我们的系统这种行为，留下的Response.Redirect（...）完全可靠。如果进一步测试显示，否则，我就在这里报告，但我说，让这个停止您的环境中发生的事情：将您的会话状态变成SqlServer的（或者是出是InProc的足够好，我不知道？）<。 / p>

THE CODE:

Session["foo"] = "bar";  
Response.Redirect("foo.aspx");

THE PROBLEM:

When foo.aspx reads "foo" from the session, it's not there. The session is there, but there's no value for "foo".

I've observed this intermittently in our production environment. But I don't mean here to ask a question about Response.Redirect().

THE EXPLANATION:

Bertrand Le Roy explains (the bolding is mine):

Now, what Redirect does is to send a special header to the client so that it asks the server for a different page than the one it was waiting for. Server-side, after sending this header, Redirect ends the response. This is a very violent thing to do. Response.End actually stops the execution of the page wherever it is using a ThreadAbortException. What happens really here is that the session token gets lost in the battle.

My takeaway there is that Response.Redirect() can be heavy-handed with ending threads. And that can threaten my session writes if they occur too near that heavy-handedness.

THE QUESTION:

What about ASP.NET session management makes it so vulnerable to this? The Response.Redirect() line of code doesn't begin its execution until the session write line is "finished" -- how can it be such a threat to my session write?

What about the session write doesn't "finish" before the next line of code executes? Are there other scenarios in which session writes are similarly (as though they never occurred) lost?

解决方案

After testing several alternatives (Response.Redirect(..., false), Server.Transfer(), and other "solutions" I can't now recall), we've found only one reliable answer to this problem.

Moving our session state from InProc to SqlServer effectively eradicated this behavior from our systems, leaving Response.Redirect(...) completely reliable. If further testing shows otherwise, I'll report here, but I say, to make this stop happening in your environment: move your session state into SqlServer (or is "out of InProc" good enough? I'm not sure).

这篇关于为什么/时，是会写入易受线程终止？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！