0

I have a ASP.NET WebForms application which also has API code. This project is not MVC based, its just WebForms.

The API is a seperate class with WebMethods, which is being routed to via the following code in Application_Start (file Global.asax.cs)

protected void Application_Start(object sender, EventArgs e)
{
        log4net.Config.XmlConfigurator.Configure();
        RouteTable.Routes.Add(new ServiceRoute("api/v1", new WebServiceHostFactory(), typeof(API.v1.Api)));
}

Everything works fine, once a request comes in to domain.com/api/v1/... it will be routed to my Api class. But my application is always responding with the "Set-Cookie" Header even when on the Api route. I'm not using the Session context anywhere in the Api class.

How can i disable Cookie entirely for everything within /api while at the root of the application cookie still runs as usual? Is that even possible?

Improve this question

1 Answer 1

Reset to default
1

Add this to your global.asax file. It will be auto-bound.

Remove any other cookies as well, if necessary. This is tested in an environment equal to yours and prooved to be working.

protected void Application_PreSendRequestHeaders(Object source, EventArgs e)
{
    if (Request.Url.AbsolutePath.ToLowerInvariant().Contains("/api/v1"))
    {
        Response.Cookies.Remove("ASP.NET_SessionId");
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.