Geek Answers Handbook

Why does the "Arr-Disable-Session-Affinity" header go through my Azure Web App (WebSite)?

Following the procedure in this article , I turned off the ARR Affinity cookie in my Azure Web App with this header in my answers:

Arr-Disable-Session-Affinity: True

It removes the cookie, which is very good. But the header itself is still passing. This title does not hurt anything, but according to the same document it should not be:

If you add the Arr-Disable-Session-Affinity header to disable the merge cookie, ARR will not set the cookie, but it will also remove the Arr-Disable-Session-Affinity header, so if your process is working correctly, you will not see either no other.

So ... how do I get it to remove the header too?

+7
azure azure-web-sites
source share
2 answers

if you added a custom Arr-Disable-Session-Affinity header, as shown below in your Azure Web.config web application, then this is the correct behavior that you still see in Disable-Session-Affinity with a value set to true, and the ARR cookie is removed in the HTTP response. I think this is a false statement in the help blog that you indicated, which states that the Arr-Disable-Session-Affinity header will be removed.

If you want to delete this header, then a cookie will be presented, it will be mutually exclusive.

 <system.webServer> <httpProtocol> <customHeaders> <add name="Arr-Disable-Session-Affinity" value="true" /> </customHeaders> </httpProtocol>

enter image description here

+1
source share

The article you are referencing does not specifically say how to add a title, so I cannot say if you did it right. I have not tested, but according to this article you should set it to Application_PreSendRequestHeaders:

 protected void Application_PreSendRequestHeaders() { Response.Headers.Remove("Server"); Response.Headers.Remove("X-AspNet-Version"); Response.Headers.Remove("X-AspNetMvc-Version"); Response.Headers.Add("Arr-Disable-Session-Affinity", "True"); }
0
source share

More articles:


All Articles