ASP.NET MVC和使用Cookie会话 [英] ASP.NET MVC and using cookieless sessions
问题描述
有似乎是相互矛盾的关于ASP.NET MVC和Cookie会话的意见。 有人说 MVC彻头彻尾的不支持,而是<一个href=\"http://stackoverflow.com/questions/15176355/asp-net-mvc-4-need-to-use-sessions-but-cant-use-cookies\">others似乎使用MVC和Cookie会话没有任何问题是。如果我创建一个测试MVC项目,使Cookie会话一切似乎很好地工作。有没有人有使用Cookie会话与MVC明确的支持和答案,即为什么或者为什么不使用它们?
There seem to be conflicting opinions about ASP.NET MVC and cookieless sessions. Some people say MVC downright does not support, but others seem to be using MVC and cookieless sessions without any issues. If I create a test MVC project and enable cookieless sessions everything seems to work fine. Does anyone have a definitive and supported answer on the use of cookieless sessions with MVC, i.e. why or why not to use them?
注:我知道的安全隐患使用Cookie会话中,但在我的情况和内部应用程序的其他用户窃取的sessionId的风险不的太的大问题。
Note: I am aware of the security implications of using cookieless sessions, but in my case and for internal applications the risk of other users stealing sessionId's is not too much of an issue.
推荐答案
明确的答案是在 forums.asp.net 的张贴在你原来的问题挂钩。这些答案从产品团队成员自己开门见山。 Cookie的Forms身份验证/ Cookie会话都去precated技术。没有ASP.NET开发团队在最近几年(MVC,的WebAPI,SignalR,友好的URL)进行支持它。
The definitive answer was in the forums.asp.net post you linked to in your original question. Those answers came straight from the product team members themselves. Cookieless forms auth / cookieless session are deprecated technologies. Nothing the ASP.NET team has done in recent years (MVC, WebAPI, SignalR, Friendly URLs) supports it.
东西的可能的由快乐事故的工作,但是这不应该被误解为一个正式支持的方案。已对Cookie的Forms身份验证/ Cookie会话提交的所有错误都自动解决不会修复的产品团队。
Things might work by happy accident, but this should not be misconstrued as an officially supported scenario. All bugs which have been filed regarding cookieless forms auth / cookieless session are automatically resolved "won't fix" by the product teams.
这篇关于ASP.NET MVC和使用Cookie会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
