View Full Version : ASP session variables in IE6

07-03-2002, 10:40 AM
session variables are not created when IE6 has this patch, Q316059. Without it (fresh installed), the page runs just fine.

the session variable is actually set in a page (I output its content after the assignment and it's there), but when this page redirects to another (frameset page), the session variable cannot be accessed.
If I output session.contents.length, it returns 0.

Why is this so? Do you have any idea? Thanks.

07-03-2002, 03:24 PM
ASP does use a 'cookie' like process for Session variables...

If the user has cookies disabled in their browser, the Sessoin variables from ASP code will be ignored.

Try looking at the cookie settings and see if cookies got disabled in that patch.


07-04-2002, 02:58 AM
Yup... I was probably one of them that said it, 'cause it's true.

In order to allow session variables in IE 6 I *believe* (don't quote me on this, but I have had dealings with it!) that you have to set your security settings to medium and if you still have trouble add the website to your "trusted sites"... *sigh*

Typical microsoft for ya.

07-04-2002, 04:01 AM
thanks for all the replies!
i'll try it later and will let you know of the result

07-04-2002, 04:42 AM
i've tried all sorts of settings like:

Under Security tab:

Local Intranet - Medium (tried also Low)
Trusted Sites - Low (added the intranet site to trusted sites)

Under Privacy tab:

Check Override automatic cookie handling
Check Accept for First and Third-Party cookies
Check Always allow session cookies

...but to no avail :(

07-04-2002, 05:08 PM
I've heard some say that ASP Session variables use client-side cookies . . .

Yup... I was probably one of them that said it . . .

In the ASP docs that ship with IIS, it clearly states . . .

Important: ASP assigns the user ID by means of an HTTP cookie, which is a small file stored on the user's browser. So, if you are creating an application for browsers that do not support cookies, or if your customers might set their browsers to refuse cookies, you should not use ASP's session management features. :D

07-04-2002, 05:26 PM
btw, sessions behave differently in framesets . . .

Also from the ASP docs:

. . . consider the case of an ASP page containing two HTML frames: frames 1 and 2, both within one frameset. Frame 1 contains an .asp file that executes a complex script, while frame 2 contains a simpler .asp file. Because ASP executes session requests in sequential order, or serially, you will not be able to see the contents of frame 2 until the script in frame 1 has executed. However, if you make the .asp file for frame 1 sessionless, then ASP requests will no longer be serialized and the browser will render the contents of frame 2 before the contents of frame 1 have finished executing.

Unfortunately, the way in which multiple requests for different frames are processed ultimately depends on the configuration of the user's Web browser. Certain Web browsers may serialize requests despite the sessionless configuration of your .asp files.