Export (0) Print
Expand All

FormsAuthentication::CookieMode Property

Gets a value that indicates whether the application is configured for cookieless forms authentication.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

static property HttpCookieMode CookieMode {
	HttpCookieMode get ();

Property Value

Type: System.Web::HttpCookieMode
One of the HttpCookieMode values that indicates whether the application is configured for cookieless forms authentication. The default is UseDeviceProfile.

The CookieMode property reflects the value for the cookieless attribute of the forms configuration element. The CookieMode property determines whether the FormsAuthenticationTicket value will be stored in a session cookie in the browser or stored in the QueryString property.


When the FormsAuthenticationTicket value is stored in the URI, the length of the generated URI may be longer than the maximum length allowed. This is most likely to occur when the FormsCookiePath property is set to the application name and the application name is long (40 or more characters), when user names in the application are long, or when long UserData strings are stored in the FormsAuthenticationTicket value. If the generated URI is too long, the Web server will return a 400 - Bad Request error.

The following code example sets the cookieless attribute to AutoDetect in the Web.config file.

<authentication mode="Forms">
  <forms loginUrl="member_login.aspx"
    cookieless="AutoDetect" />

.NET Framework

Supported in: 4.5.3, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

© 2014 Microsoft