returning new session for every request

Jun 19, 2007 at 2:41 PM
I am not sure if this is related to the toolkit, but I am seeing this problem only when my page is "hosted" in facebook page. I copied sample code from the documentation and created a page on local IIS server. I could add the app to my facebook account. When I bring up the canvas page everything is displayed correctly. The problem is whenever I hit F5 a new session is created. Under debugger Session.IsNewSession is always true. If I load the page from localhost directly (http://localhost/<myapp>), then it re-uses the same session. I am new to, I couldn't figure out why putting a page in iframe would break session state.

Jul 9, 2007 at 4:02 PM
Edited Jul 9, 2007 at 4:51 PM
I had the same problem. I resolved this by adding <sessionState mode="InProc" cookieless="true" timeout="20" /> to web.config

Jul 9, 2007 at 9:17 PM
Are you using the CanvasIFrameBasePage?

This page has PreRender code to establish a privacy policy for the iframe page that is intended to allow session state to work.

Response.AppendHeader("P3P", "CP=\"CAO PSA OUR\"");
Jul 10, 2007 at 7:31 AM
No I am not using CanvasIFrameBasePage as my app works great without it - and I haven't had the time to check out how to implement it.

What is the major benefit to the CanvasIFrameBasePage?
Jul 10, 2007 at 1:14 PM
If you have all the authentication, application add functionality working on your own you shouldn't need it. Its main purpose is just to simplify that process for everyone.

But, if you aren't you might want to steal the PreRender code, and add it to your code behind. That way you won't need cookieless sessions. That Response.AppendHeader should fix the problem where IFrame is not able to store cookies.