Last post Jan 11, 2013 06:56 AM by Pengzhen Song - MSFT
Jan 09, 2013 05:41 AM|goelankur1982|LINK
Environment: ASP.Net 4.0, IIS 7, Windows Server 2008 SP1, 64 bit Operating system
In our ASP.Net application, we are adding cookies to HTTP response in Page_Load() event using the following code -
HttpCookie cookie = new HttpCookie(cookieKey);
cookie.Expires = DateTime.Now.AddMinutes(cookieExpirationMin);
cookie.Values["language"] = language;
The output caching is also activated for this page. After applying the "Microsoft security bulletin MS11-100" (Refer: KB2656351) update, the page output caching is stopped working for this page. If we simply uninstall this security update then the output
caching starts working.
Because this security update is marked as CRITICAL SECURITY UPDATE, so our client would not recommend to uninstall it.
So I would like to know is there any workaround for this or some patch released by Microsoft to overcome this issue.
Kindly help us as we are facing this issue in production environment.
Jan 11, 2013 06:56 AM|Pengzhen Song - MSFT|LINK
You can create a custom HTTPModule and copy all available cookies from the response(including newly added cookies) to the
Context.Item then clear all the cookies available in the response.
In the next step, read the object stored in the Context.items and add back to the response. So when output cache provider is trying to cache the page there is no cookies in the response. so it works as usual. and then adding the cookies back.
For detailed information, you can refer this: