Last post Nov 15, 2017 08:42 AM by Edward Z
Nov 13, 2017 10:47 AM|glasgowdev|LINK
Is there any default limit on the size of the session state in ASP.NET Core?
In full ASP.NET, I have seen similar questions answered with reference to the requestLengthDiskThreshold setting, but unclear if that setting exists in ASP.NET Core, or if it does actually relate to the overall size of session state allowed.
Nov 13, 2017 12:33 PM|PatriceSc|LINK
According to the documentation it seems totally unrelated to session variables:
"The RequestLengthDiskThreshold property specifies the input-stream buffering threshold limit in number of bytes. Its value should not exceed the
MaxRequestLength property value. After a request entity exceeds this threshold, it is buffered transparently onto disk."
It short it is about buffering the request stream to disk.
More likely it was actually discussing some other issue ? AFAIK you doesn't have any default limit. If trying to solve some problem it would be better to discuss directly your issue.
https://stackoverflow.com/questions/1755348/what-is-the-maximum-size-a-session-variable-can-hold but it's rather that the design is wrong. The code tries to store an upload file control as a Session variable which is really a very bad idea. It's doesn't
work over 80 Kb likely because in this case it is buffered to disk rather than kept in memory but once again keeping a reference to a control on some earlier posted page as well as using a static counter this way is really something you shouldn't do.
Nov 15, 2017 08:15 AM|Edward Z|LINK
Did you hit specific issue under Asp.Net Core?
Session state indicates, ASP.NET Core maintains session state by giving the client a cookie that contains the session ID. The session state is stored in Cookie, I did not find description about the limit of session state, but I think it inherits the size
limit of Cookies.
If you have any specific issue, please feel free to share us more information.
Nov 15, 2017 08:27 AM|PatriceSc|LINK
The session state is stored in Cookie
No, it is stored server side in memory (or using some other provider). Only the session id is stored in a cookie which goes back and forth and allows to retrieve session data server side based on this id.
Nov 15, 2017 08:42 AM|Edward Z|LINK
Thanks for correcting me, and my apology for this.
>>ASP.NET Core maintains session state by giving the client a cookie that contains the session ID.
The session ID instead of Session state is stored in Cookie.