Active Server Pages (ASP) uses cookies to track SessionIDs. As a result, the browser is sent a cookie when a new session is created. Typically this occurs the first time a particular client requests an ASP page in your Web application. If Internet Explorer is configured to "Warn before accepting cookies," you will see a warning dialog box when this SessionID cookie is sent to the browser. This article explains how to prevent ASP from sending these cookies.

NOTE: Disabling SessionID cookies is not recommended because it seriously limits the functionality of Active Server Pages.

Back to the top

Active Server Pages provides a configurable registry setting that can be used to disable Session State. The following registry value controls Session State:

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
   \W3SVC\ASP\Parameters\AllowSessionState
				

If you set AllowSessionState to 0, ASP no longer sends SessionID cookies to the browser.

WARNING: Setting AllowSessionState to 0 disables the use of sessions in your Web application. This means that you will not be able to store or retrieve session variables. If your Web application uses session variables, as most do, your pages will no longer function properly. In addition, you will encounter scripting errors in the server-side scripts, which use session variables.

Back to the top

For additional information, click the article number below to view the article in the Microsoft Knowledge Base: For the latest Knowledge Base articles and other support information on Visual InterDev and Active Server Pages, see the following page on the Microsoft Technical Support site:

Back to the top