FormsAuthentication.CookieMode Property

Gets a value that indicates whether the application is configured for cookieless forms authentication.

Namespace: System.Web.Security
Assembly: System.Web (in system.web.dll)

public static HttpCookieMode CookieMode { get; }
/** @property */
public static HttpCookieMode get_CookieMode ()

public static function get CookieMode () : HttpCookieMode

Not applicable.

Property Value

One of the HttpCookieMode values that indicates whether the application is configured for cookieless forms authentication. The default is UseDeviceProfile.

The CookieMode property reflects the value for the cookieless attribute of the forms configuration element. The CookieMode property determines whether the FormsAuthenticationTicket value will be stored in a session cookie in the browser or stored in the QueryString property.


When the FormsAuthenticationTicket value is stored in the URI, the length of the generated URI may be longer than the maximum length allowed. This is most likely to occur when the FormsCookiePath property is set to the application name and the application name is long (40 or more characters), when user names in the application are long, or when long UserData strings are stored in the FormsAuthenticationTicket value. If the generated URI is too long, the Web server will return a 400 - Bad Request error.

The following code example sets the cookieless attribute to AutoDetect in the Web.config file.

<authentication mode="Forms">
  <forms loginUrl="member_login.aspx"
    cookieless="UseCookies" />

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0

Community Additions