Cookieless browsing broken after update KB4580979

%3CLINGO-SUB%20id%3D%22lingo-sub-1854508%22%20slang%3D%22en-US%22%3ECookieless%20browsing%20broken%20after%20update%20KB4580979%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1854508%22%20slang%3D%22en-US%22%3E%3CP%3EUpon%20running%20Windows%20Update%20KB4580979%2C%20.Net%204.7.2%20projects%20that%20have%20the%20SessionStateSection.Cookiless%20Property%20set%20to%20AutoDetect%20no%20longer%20functions%20as%20expected.%3CBR%20%2F%3EPreviously%2C%20a%20browser%20that%20blocked%20cookies%20would%20be%20redirected%20to%20the%20same%20page%20with%20the%20querystring%20%2Fdefault.aspx%3FAspxAutoDetectCookieSupport%3D1%20and%20upon%20the%20system%20detecting%20that%20cookies%20were%20not%20supported%20it%20would%20redirect%20again%20to%20a%20cookiless%20session%20URL%20e.g.%20%2F(X(1)S(adl04pietheradyfawfaqlym))%2Fdefault.aspx%3FAspxAutoDetectCookieSupport%3D1%3CBR%20%2F%3ESince%20the%20update%2C%20a%20browser%20would%20continously%20be%20redirected%20to%20%2Fdefault.aspx%3FAspxAutoDetectCookieSupport%3D1%20until%20the%20redirects%20exceeded%20the%20maximum%20redirects.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERelevant%20Web.config%20section%3A%3CBR%20%2F%3E%3CCONFIGURATION%3E%3CBR%20%2F%3E%3CSYSTEM.WEB%3E%3CBR%20%2F%3E%3CSESSIONSTATE%20cookieless%3D%22%26quot%3BAutoDetect%26quot%3B%22%3E%3C%2FSESSIONSTATE%3E%3CBR%20%2F%3E%3C%2FSYSTEM.WEB%3E%3CBR%20%2F%3E%3C%2FCONFIGURATION%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWindows%20Server%202019%20DataCenter%20Version%201809%3CBR%20%2F%3EOS%20Build%2017763.1369%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1854508%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Ecookies%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIIS%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EServer%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%20Update%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

Upon running Windows Update KB4580979, .Net 4.7.2 projects that have the SessionStateSection.Cookiless Property set to AutoDetect no longer functions as expected.
Previously, a browser that blocked cookies would be redirected to the same page with the querystring /default.aspx?AspxAutoDetectCookieSupport=1 and upon the system detecting that cookies were not supported it would redirect again to a cookiless session URL e.g. /(X(1)S(adl04pietheradyfawfaqlym))/default.aspx?AspxAutoDetectCookieSupport=1
Since the update, a browser would continously be redirected to /default.aspx?AspxAutoDetectCookieSupport=1 until the redirects exceeded the maximum redirects.

 

Relevant Web.config section:
<configuration>
<system.web>
<sessionState cookieless="AutoDetect" />
</system.web>
</configuration>

 

Windows Server 2019 DataCenter Version 1809
OS Build 17763.1369

0 Replies
www.000webhost.com