Web Development - .NET 4.0 Session Fixation Exploits?
Mar 11, 2010Does ASP.NET 4.0 have any improvements as to inbuilt ptotection against session fixation attacks?
View 1 Replies
Similar Messages:
State Management :: Session And Session Variables Not Stable In Development Server?
Oct 11, 2010I use some session variables to get the job done(shopping cart, etc) but it is not stable..manytimes I get no items in session object and other times(refreshing the page) I get missing data...I downloaded the entire site code to my local pc and debugged it and run it succesfully without any session data missing...When I run it in the server, I get bad session again: no products in shopping cart or products with missing quantities...
The same website runs smoothly in our production server too....The problem is with our development server...
.net Development Server Session Not Working?
Feb 7, 2011how can I work with 'session' while working on visual studio asp.net development server please? as I found its not working there but working with iis
View 1 RepliesMigrate Session Data From One Browser To Another? - Web Development
Apr 5, 2010I need to transfer a user to a page which requires session data which is stored within a different session.
Is it possible in some cases to migrate the session data by setting the session cookie on the user's browser?
Currently I have no workaround, and using session data seems like the only option I have at the moment.
Configuration :: Session Value Becomes Null On Deploying - Works Fine With Development?
Aug 16, 2010My Session gets null after redirecting to other page,
Below written is my code in login page:
protected
void btnLogin_Click(object
sender, ImageClickEventArgs e)
{
// saving login history calling submit function to save login details in database
callsubmitfunctionofDatalayer();
//saving session
Session["Username"] = txtUsername.Text;
[Code]....
Is It Wise To Mix MVC Development And Web Form Development In The Same Group Of Products?
Oct 20, 2010We have a largely asp.net web form team (With some Oracle developers thrown in).
Question 1:
Is it a good idea to start using asp.net MVC which will mean redevelopment of a number of standard controls for not much benefit.
Question 2:
Is it a good idea to hire developers where there most recent skills are with asp.net MVC?
I doubt there is any benefit adopting MVC now, given the 100+ applications in this suite of products, and the maintenance/rework this will cause. Given this, is there any particular reason to hire MVC developers, as they won't be hitting the ground running, which is what I need now.
Custom Development Versus CMS Development
Jul 16, 2010I am planning to develop a social networking website for student of a particular university with following facilities.
Forum, Blog, Creating profile, creating groups , Adding Friends, managing groups, dating, chatting etc.
Now if I start developing it from scratch, this will take a lot of time..
I couldnt find any CMS which can in developing social networking website.
Additionally, I would like the website to have my own custom design. Also it should have support for AJAX, SEO and integrating third party applications.
Desktop Development Versus Web Development
Sep 13, 2010How do you know what is better to use for writing new programs? We are now using Access 2007 frontend with an SQL backend and we are going to VB.Net, what would be our next logical step?
View 4 Replies.net - Used For Web Development Only?
Sep 18, 2010Is asp.net used for web development only?
View 3 RepliesState Management :: Global.asax To Load Up Several Session Variable When A Session Starts?
Sep 14, 2010I added the following code to global.asax to load up several session variable when a session starts. I'm assuming that when a page goes to use the variable that I should be
1) checking at the page level that the value is valid not 0 when its not expected to be 0, not a zero-length string when its expected to have a length
2) have code at the page level that sets the values if the values have not been set as when the Session timeout, ideally putting the code in a class derived from Page and then deriving all of my pages from the new class so that the code does not have to be repeated in every page
[Code]....
State Management :: Differentiate Between New Session Create For New Website Visit Or Session Expired
Mar 2, 2011I have a problem by getting session which created for new site visit or session expired.
View 3 RepliesWeb Forms :: Reset Session If Click Anywhere On Page And Show Popup Before Closing Session?
Feb 25, 2016I want the code for showing popup dialog box , to show the time remaining for session closing because of in-activity. and 2 buttons for allowing to stay or to signout.
i want all the settings that are need to achieve the functionality.
C# - Store Class Properties In Session And Use Of Session Handler - Is It Good Design
Jul 27, 2010I have a class called EditMapUtilities. Here are some class properties that I want to persist:
public class EditMapUtlities
{
public static Boolean isInitialEditMapPageLoad
{
get { return SessionHandler.isInitialEditMapPageLoad; }
set { SessionHandler.isInitialEditMapPageLoad = value; }
}
// REST OF CLASS NOT GERMAIN TO DISCUSSION AND OMITTED
}
Here is my SessionHandler Class following the pattern from this post Static Session Class and Multiple Users:
using System.Web.SessionState;
public static class SessionHandler
{
private static HttpSessionState currentSession
{
get
{
if (HttpContext.Current.Session == null)
throw new Exception("Session is not available in the current context.");
else
return HttpContext.Current.Session;
}
}
//A boolean type session variable
private static string _isInitialEditMapPageLoad = "EditMapInitialPageLoad";
public static bool isInitialEditMapPageLoad
{
get
{
if (currentSession[_isInitialEditMapPageLoad] == null)
return true;
else
return (Boolean)currentSession[_isInitialEditMapPageLoad];
}
set
{
currentSession[_isInitialEditMapPageLoad] = value;
}
}
}
I am still learning OOAD. I want to keep relevant properties with relevant classes. I also want to keep all Session stored variables in one place for ease of maintenance and to encapsulate the session keys and calls. I feel like my design is too coupled though. How can I make it more loosely coupled? Is my editMapUtilities class too tightly coupled to the SessionHandler class? How would you do it better?
Latest Logon Session Is Retained And The User Is Automatically Signed Out From The Other Session
Feb 1, 2011Let suppose, I am building an asp.net website which has login scenario in it. I want to provide a certain functionality to the website that if the user is already login on computer 1 and now try to login on computer 2, so he will be allowed to remain login on computer 2, while automatically logout him from computer 1. I also know that http is a stateless medium, so whenever user interact with computer 1 and try to interact with the page, it will get noticed at that time.
View 2 RepliesDoes Static Reference To HttpContext.Current.Session Return Same Session For All Users
Feb 4, 2011Is there room for issue in the following code in terms of multiple users of the same web application? I mean, I know that a purely static string will be shared across all sessions for a single ASP.NET application, but since this explicitly refers to the Current.Session, even though it is static it seems like it would always refer to the session instance of the "current user." But an error is happening that could be explained by everyone sharing the current value of Mode and thus the most recent change overwriting everyone else's mode value. (As a background: This string is in a Helpers class that is used throughout the application. I do not want to make references to Session["Mode"] throughout the application and do not want to have to pass Session["Mode"] in every method call from an aspx.cs page.)
public static string Mode
{
get
{
var value = HttpContext.Current.Session["Mode"];
return (value ?? string.Empty).ToString();
}
set
{
HttpContext.Current.Session["Mode"] = value;
}
}
State Management :: Session Variables And Tabs / Is There A Way To Reset The Session Variable
Nov 11, 2010I have some code in my page load event where I just want to fire once when the user opens the Browser. The only issue is if you open a new tab with the same website the session variable does not reset. Is there a way to reset the session variable when you open a new tab or do you have to take the whole web browser down for it to clear the session variable.
In Global Page:
[code]....
Web Forms :: Iframe Session / Site Session Starts Again On Every Page.postback
Dec 20, 2010i have two web aplications running on different sites.
1. site gets user information and show another website (2. site) in an i frame. but when i do this 2. site session starts again on every page.postback . if i connect to 2. site without 1. site everything works well.
State Management :: Which Place(exact Folder) The Session & Session Id Will Be Stored
May 3, 2010which place(exact folder) the session & session id will be stored?
View 8 RepliesState Management :: Session - User Closes Browser, The Session Does Not Get Killed?
Jul 15, 2010I have a website live in asp.net
now if user closes browser. the session does not get killed.
I spoke with friend and he said that cannot be done as sessions are on server.
but i see banking website who kills session when browser is closed.
State Management :: Session Variable Persisting Even After Abandoning A Session - Closing Browser Windows
Aug 5, 2010I have been spending a better part of a week trying to track down why I am not able to clear all session variables in a web app (vs 2010, vb.net). What I have tracked it down to is that when I remove or abandon sessions that my html pages or codebehind access, it works, but for some reason in any of my class files where I use "Public Shared strConnection as String = HttpContext.Current.Session("strConnection").ToString" to access a session variable, it finds the old one and not the current one. I have to wait for it to time out, go in again, and it will find the new one.
I do not use Linq, and there is only one place in the whole web app that I place the connection string in a variable whcih is when a person logs in. It points them to the correct database. The sqlconnection is set for all of my listviews in Page_Init to make sure that they aren't using any session variable that they create on their own. Interestingly enough that if I use debug to go in each time, exit debug, enter debug again trying to access a different database, it works correct each time. I assume that debug is correctly killing the session variable for the classes for me.
Session Value Was Destroyed Once Page Reopen / How To Keep Session Value In 20 Minutes As Default
Jan 26, 2011There are two pages in my app, A and B.A is login page from which user ID was saved in a session. Once user login, B is open and user ID will display in B. When user submitted an order successfully at page B, page B will reopen but user ID was missed. How to fix it to keep session value in 20 minutes as default?
I check IIS, session time out time is 60 minutes.
Create A Copy Of An Object In Session To Update Without Updating Session?
Jul 20, 2010I am confused about how to reference objects in session, how to update, and copy.
if I create
MyObject obj = new Object ();
then
Session["object"] = obj;
MyObject temp = (MyObject)Session["object"];
If i change something on temp, will the object in session be updated? do i need to follow changes with Session["object"] = temp?
State Management :: Session Gets Lost When Set Session Response.cookie
Jan 25, 2011I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
State Management :: How To Manage Session Data Outside The Session Object
Oct 7, 2010I want to be able to persist data across a session but do this outside of the built-in session state object. Why is a long story that I will not go into here. I just need to know where I can put data other than in the session object that will persist across the specific session.
View 3 RepliesSecurity :: Valid Session Isn't Created On Re-logging In After Session Timeout
Feb 3, 2011I created a user control for my web application that checks for Session Timeout. If the criteria are met for Timeout, I use Response.Redirect to send the user back to the login page. I include this user control in my Master page, and run the SessionTimeoutcode in the user control's Page_Init event. That all works great. However, once the user logs in again after time-out (and I have verified that the OnLoggedIn event does fire) the user is redirected to the DestinationPageUrl. That page runs the Session Timeout check when it loads (as it should) and the Session Timeout code "says" that the session is still timed-out.
View 1 Replies