My site uses cookies - need to switch to sessions_问答_开发者

My site uses cookies - need to switch to sessions

开发者 https://www.devze.com 2023-01-25 08:59 出处：网络

My site uses cookies开发者_如何学C.I need to have it use sessions instead. The reason for this is because there is a third party that needs to connect to it, and it\'s always requiring 3rd party cook

My site uses cookies开发者_如何学C. I need to have it use sessions instead.

The reason for this is because there is a third party that needs to connect to it, and it's always requiring 3rd party cookies to be enable in the browser and that is annoying my customers.

Is there any other way around this other than switching to sessions?

You can do cookieless sessions:

http://msdn.microsoft.com/en-us/library/aa479314.aspx

They have their drawbacks, but it is possible.

The main reason to switch from cookies to sessions is to shift the storage location of the data from the client (cookie) to the server (session). However, the downside is that sessions often require cookies to carry the session ID along.

But as Kevin has already pointed out, it is possible to implement sessions with the session ID being sent in the URL instead. However, the downside of that is that the session ID is then more opaque than when sent in the HTTP header instead.

OK, the short answer is yes, but the long answer is that this is a bigger issue.

You can use cookie-less sessions and just pass around cookie IDs. But if you really plan to have 3rd parties authenticate your users, then it's time to look at OpenID and OAuth.

Using a session requires the use of cookies.