Nov 21, 2014 06:52 AM|ym2149|LINK
Maybe I'm in the wrong part of the forum for a question about this, but it could relate to sessions I guess.
We seem to generate URLs that have a string in it resembling a session id but isn't. It looks like this: (S(-1%20OR%202+138-138-1=0+0+0+1)) and we can't see where it's coming from. We have no cookieless sessions and a session id should not look like that
anyway apart from the "s( " part. The numbers inside change.
We get it from calling Page.ResolveUrl("~/");
This is a .net 3.5 site running on IIS7.
Does anyone have any ideas? Thanks!