We are hosted at AppHarbor and use their add-on memcacher as described in their documentation:
<sessionState cookieless="false" regenerateExpiredSessionId="true" mode="Custom" customProvider="MemcachedSessionProvider" xdt:Transform="Insert"> <providers> <add name="MemcachedSessionProvider" type="MemcachedProviders.Session.SessionStateProvider,MemcachedProviders" dbType="none" /> </providers> </sessionState>
We see a problem that can be reproduced ONLY:
- After Twitter, the shortened url appfail.net inside iOS Safari (or the built-in webkit browser on twitter iphone): http://t.co/6tRXopEJ
- Click on the "Run Demo" button, which will automatically add the user to our demo version.
At this point, the server issues a 302 redirect to an invalid URL, such as: http://appfail.net/(F(FckQ4UX0zD_WSxk_adpkk3YysHsYQS4TSVpljxmswyBqEAZ1q-YhW4KePrpYQfJ4KlLGaiyje_TbpeSARVyI8LioQ7Jp5EIc0Zm9u99IqRRkkoMh_wr-jrsrvje4J7KpUt1n87xEMzMeqHzpMz9ksm42IqNnf3F9B6GBwrnuA5EY_YsV0))/Applications
The URL appears to contain a SessionID, in the same format as IIS for cookieless sessions. This also makes sense since IIS can be configured to use cookies without a UserAgent based session, so it only plays on mobile safari (although I'm not sure why this only happens with t.co/ relay, and not when the page loads directly )
The strange thing is, we have disabled cookieless sessions! As you can see in the session state above. I also tried this with the setting "cookieless =" UseCookies "" ... No luck!
I added registration and even verified that the system is configured as "UseCookies" during operation.
So, I am wondering how we can redirect users to cookieless URLs just by using RedirectToAction ()?
I am wondering if this could be due to a custom session state provider - MemcachedProvider? Or is it something more basic?
Thanks Sam
Sam
source share