仅在移动Safari ASP.NET Cookie会话URL问题 [英] ASP.NET Cookieless Session URL Issue ONLY in mobile safari

问题描述

我们正在举办的AppHarbor和使用他们的memcacher插件，安装：

We're hosted on AppHarbor and using their memcacher add-on, setup as described in their documentation:

<sessionState cookieless="false" regenerateExpiredSessionId="true" mode="Custom"
          customProvider="MemcachedSessionProvider" xdt:Transform="Insert">
  <providers>
    <add name="MemcachedSessionProvider"
         type="MemcachedProviders.Session.SessionStateProvider,MemcachedProviders"
         dbType="none" />
  </providers>
</sessionState>

我们看到，只能通过重现的问题：

We're seeing an issue that can be reproduced ONLY by:

1. 继Twitter的缩短网址到iOS Safari浏览器内appfail.net（或Twitter的iPhone应用程序的内置WebKit浏览器）：
   的http://t.co/6tRXopEJ


2. 点击我们的运行演示按钮，然后自动登录的用户，我们的模拟账户

此时服务器发出302重定向到一个无效的网址，例如：
http://appfail.net/（F（FckQ4UX0zD_WSxk_adpkk3YysHsYQS4TSVpljxmswyBqEAZ1q-YhW4KePrpYQfJ4KlLGaiyje_TbpeSARVyI8LioQ7Jp5EIc0Zm9u99IqRRkkoMh_wr-jrsrvje4J7KpUt1n87xEMzMeqHzpMz9ksm42IqNnf3F9B6GBwrnuA5EY_YsV0））/应用

At this point the server issues a 302 redirect to an invalid URL, eg: http://appfail.net/(F(FckQ4UX0zD_WSxk_adpkk3YysHsYQS4TSVpljxmswyBqEAZ1q-YhW4KePrpYQfJ4KlLGaiyje_TbpeSARVyI8LioQ7Jp5EIc0Zm9u99IqRRkkoMh_wr-jrsrvje4J7KpUt1n87xEMzMeqHzpMz9ksm42IqNnf3F9B6GBwrnuA5EY_YsV0))/Applications

该网址似乎包含的SessionID，在IIS使用Cookie会话相同的格式。这也将是有意义的，因为可以将IIS配置为使用基于UserAgent的无会话饼干 - 因此它为什么只在移动Safari浏览器再现（虽然我不知道为什么它仅与t.co/重定向发生，而不是当加载页面直接）

The url appears to contain a SessionID, in the same format that IIS uses for cookieless sessions. This would also make sense, since IIS can be configured to use sessionless cookies based on the UserAgent - hence why it only reproduces in mobile safari (although I'm not sure why it only happens with the t.co/ redirect, and not when loading the page directly)

但奇怪的是 - 我们有Cookie会话关闭！正如你可以在会话状态上面看到。
我也试图与设定'无Cookie =UseCookies...没有运气！

The strange thing is -- we have cookieless sessions turned off! As you can see in the session state above. I've also tried this with the setting 'cookieless="UseCookies"'... No luck!

我添加记录，甚至验证该系统配置为UseCookies在运行。

I've added logging and even verified that the system in configured as "UseCookies" while running.

所以，我不知道如何我们可以可能只是用RedirectToAction可以将用户重定向到无Cookie，URL，（） ？

So, I'm wondering how we could possibly be redirecting users to a cookieless-URL, just using RedirectToAction()?

我想知道这可能会涉及到自定义会话状态提供者 - MemcachedProvider？或者是一些更基本的？

I'm wondering if this could be related to the custom session state provider -- MemcachedProvider? Or is it something more basic?

由于
山姆

推荐答案

这可能是由于错误的ASP.NET客户能力的检测，请检查这个问题：的与Asp.Net问题使用iPhone的UIWebView

It might be due to faulty ASP.NET client capability detection, please check this question: Problem with Asp.Net Forms Authentication when using iPhone UIWebView

这篇关于仅在移动Safari ASP.NET Cookie会话URL问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！