Session and cookie in ASP. NET

SessionidProperty uniquely identifies a browser that contains session data on the server. SessionidValues are randomly generated by ASP. NET and stored in non-expired cookies of the browser. Apply to ASP. NET each time ProgramWhen sending a request, SessionidThe value is sent to the cookie.

SessionidSend the cookie or URL between the server and the browser in plain text format. In this case, it is not necessaryCodeMay obtainSessionidValue is included in the request sent to the server, so that the user can access the session of another user. If you need to store private or sensitive information in the session state, we recommend that you use SSLSessionidAny communication between servers is encrypted.

When session status based on cookies is used, ASP. NET can allocate session data storage only after session objects are used. Therefore, a new session ID is generated for each page request before accessing the session object. If your application requires a static session ID for the entire session, you can implementSession_startMethod, and store the data inSessionTo fix session IDs, or you can use code to explicitly store data in other parts of the applicationSessionObject.

If your application uses the cookieless session status, the session ID is generated on the first page view and maintained throughout the session.

Read sessionid:
Protected void page_load (Object sender, eventargs E)
{
Response. Write (this. session. sessionid );
}