Demo ASP: session_query_parse.asp | 2024-11-14 |
Instead what happens is that Apache::ASP will automatically parse through the script output looking for all local URLs, and those URLs matching the SessionQueryParseMatch config, currently set to ^http://localhost ... These URLs will then have the current $Session->SessionID inserted into their query strings.
So turn off the cookies and see what happens! You should notice that all local URLs, including the link to itself, now have the session id carried by the query strings.
The current session id is: | 0fd615d9af706da4131709e21b1a0b06 |
The current count is: | 11 |
Here are some other links that may or may not have the session id parsed in depending whether they match SessionQueryParseMatch: