assessionid 名称更改

发布于 2024-12-11 04:18:36 字数 562 浏览 0 评论 0原文

<script type="text/javascript" language="javascript">
function setCookie()
{
    var path = '/', host = document.location.hostname;
    document.cookie = 'random=' + Math.floor(Math.random()*11) + '; path=' + path + ( host ? '; domain=' + document.location.hostname : "" ) ;
}
function readCookie()
{
    alert(document.cookie)
}
</script>

如果我有一种简单的方法将日志中的 aspsessionid**** 更改为 sessionid，我的生活会简单得多。在 Windows 中，有没有一种快速的方法可以做到这一点？必须有一个脚本、批处理文件、命令或我可以在新日志文件上作为计划的日常任务运行的东西。在这种时候，我希望我能编程。欢迎提出建议！

原文

<script type="text/javascript" language="javascript">
function setCookie()
{
    var path = '/', host = document.location.hostname;
    document.cookie = 'random=' + Math.floor(Math.random()*11) + '; path=' + path + ( host ? '; domain=' + document.location.hostname : "" ) ;
}
function readCookie()
{
    alert(document.cookie)
}
</script>

My life would be a lot simpler if I had an easy way to change aspsessionid**** to just sessionid in my logs. Is there a quick way to do this ... in Windows? There must be a script, batchfile, command or something that I can run as a scheduled daily task on new logfiles. At times like this I wish I could program. Suggestions welcome please!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

醉梦枕江山 2024-12-18 04:18:36

没有选项（已知或记录 - 可供公众使用）来更改 aspsessionids（经典 asp）的名称。

您可以禁用会话（ASP -> 会话属性 -> 启用会话状态: false) 从 IIS 或使用 @ENABLESESSIONSTATE 指令并继续使用由 asp（而不是 JavaScript）提供的您自己的 cookie。但只有当您的应用程序中不需要会话对象时，这才可以。

更好的方法是使用 Regex（Anthony W Jones 已经提供了 ASP 版本）或 .net（最小简化的 C# 示例）更改日志文件中的这些“字符串”：

Regex rx = new Regex("ASPSESSIONID[A-Z]+=");

string log = rx.Replace(File.ReadAllText("u_ex120618.log"), "ASPSESSIONID=");
Console.WriteLine(log);

有关 aspx 和 IIS 的更多信息

选项是使用处理程序来删除标头。

public class RemoveHttpHeadersModule : IHttpModule
{
    public RemoveHttpHeadersModule()
    {
    }

    public void Dispose()
    {
    }

    public void Init(HttpApplication context)
    {
        if (context != null)
                context.PreSendRequestHeaders += this.OnPreSendRequestHeaders;
    }

    [SuppressMessage("Microsoft.Portability", "CA1903:UseOnlyApiFromTargetedFramework", MessageId = "System.Web.HttpResponse.#get_Headers()")]
    private void OnPreSendRequestHeaders(object sender, EventArgs e)
    {
        try
        {
            HttpContext.Current.Response.Headers.Remove("ETag");
            HttpContext.Current.Response.Headers.Remove("Server");
            HttpContext.Current.Response.Headers.Add("Server", "my server");
        }
        catch (HttpException)
        {
            throw;
        }
    }
}

另一种选择是控制 global.asax 中的所有内容（代码或编译库） - 涵盖您无权访问 IIS 管理器的情况。

删除（和/或添加）标头：

protected internal void Application_PreSendRequestHeaders(object sender, EventArgs e)
{
    HttpContext.Current.Response.Headers.Remove("X-AspNet-Version");
    HttpContext.Current.Response.Headers.Remove("X-Powered-By");
    HttpContext.Current.Response.Headers.Remove("ETag");
    HttpContext.Current.Response.Headers.Remove("Server");
}

处理错误

protected internal void Application_Error(object sender, EventArgs e)
{
    // get the error code            
    int ec = ((HttpException)HttpContext.Current.Error).GetHttpCode();
    // get the request path
    // string req = HttpContext.Current.Request.Path;
    // *** I suggest you to log the error before moving on
    // clear the error to avoid IIS actions
    HttpContext.Current.Server.ClearError();
    if (ec == 404)
    {
        // do what ever you want
    }
    // ... add other error codes handling;
}

下一步是隐藏 aspx。

假设我们希望 .aspx 页面呈现为 .html 这在这里得到解答：将 .html 映射到 IIS7 中的 ASP.NET 管道的正确方法是什么

只需注意选择正确的框架版本即可。如果您无权访问 IIS 管理器，请修改您的 web.config（仅提供此任务所需的内容）：

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers>
            <add name="htmlpipe" path="*.html" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
        </handlers>
    </system.webServer>
</configuration>

上述设置可能会因您的电脑、服务器等而异。拥有具有相同基本属性的测试环境（框架版本，32/64 位），在 IIS 中进行更改，然后检查 web.config 中生成的条目。

请允许我开个玩笑。 “你喜欢这个产品吗？”

谢谢弗兰克，你插入了一些旧磁盘并找到了被遗忘的东西。很抱歉没有提供经典 ASP 的建议。

附言。不要忘记HackedByChinese的回答。

There is no option (known or documented - available to the public) to change the name of aspsessionids (classic asp).

You can disable the session (ASP -> Session Properties -> Enable Session State: false) from IIS or by using the @ENABLESESSIONSTATE directive and move on with your own cookies served from asp (and not by JavaScript). But this is OK only if you don't need the session object in your application.

A better approach is to change these "strings" in log files using Regex (asp version is already presented by Anthony W Jones) or by .net (minimal simplified C# sample):

Regex rx = new Regex("ASPSESSIONID[A-Z]+=");

string log = rx.Replace(File.ReadAllText("u_ex120618.log"), "ASPSESSIONID=");
Console.WriteLine(log);

More about aspx and IIS

One option is to use a handler to remove headers.

public class RemoveHttpHeadersModule : IHttpModule
{
    public RemoveHttpHeadersModule()
    {
    }

    public void Dispose()
    {
    }

    public void Init(HttpApplication context)
    {
        if (context != null)
                context.PreSendRequestHeaders += this.OnPreSendRequestHeaders;
    }

    [SuppressMessage("Microsoft.Portability", "CA1903:UseOnlyApiFromTargetedFramework", MessageId = "System.Web.HttpResponse.#get_Headers()")]
    private void OnPreSendRequestHeaders(object sender, EventArgs e)
    {
        try
        {
            HttpContext.Current.Response.Headers.Remove("ETag");
            HttpContext.Current.Response.Headers.Remove("Server");
            HttpContext.Current.Response.Headers.Add("Server", "my server");
        }
        catch (HttpException)
        {
            throw;
        }
    }
}

Another option is to control everything in global.asax (code or compiled library) - covering the case you don't have access to IIS manager.

Remove (and/or add) headers:

protected internal void Application_PreSendRequestHeaders(object sender, EventArgs e)
{
    HttpContext.Current.Response.Headers.Remove("X-AspNet-Version");
    HttpContext.Current.Response.Headers.Remove("X-Powered-By");
    HttpContext.Current.Response.Headers.Remove("ETag");
    HttpContext.Current.Response.Headers.Remove("Server");
}

Handle errors

protected internal void Application_Error(object sender, EventArgs e)
{
    // get the error code            
    int ec = ((HttpException)HttpContext.Current.Error).GetHttpCode();
    // get the request path
    // string req = HttpContext.Current.Request.Path;
    // *** I suggest you to log the error before moving on
    // clear the error to avoid IIS actions
    HttpContext.Current.Server.ClearError();
    if (ec == 404)
    {
        // do what ever you want
    }
    // ... add other error codes handling;
}

The next step is to hide aspx.

Assume that we want our .aspx pages presented as .html This is answered here: What is the proper way to map .html to the ASP.NET pipeline in IIS7

Just take care to select the correct framework version. If you don't have access to IIS manager, then modify your web.config (presenting only what is needed for this task):

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers>
            <add name="htmlpipe" path="*.html" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
        </handlers>
    </system.webServer>
</configuration>

The above setting may differ to your pc, server etc. Having a testing environment with the same basic attributes (framework version, 32/64bit), make the change in your IIS and then check the generated entry in your web.config.

Allow me to make a joke. "Do you like this product?"

Thank you Frank, you made be plug some old disks and find things that were forgotten. I'm sorry for not having suggestions for classic ASP.

PS. Don't forget the answer by HackedByChinese.

回复收藏 0 原文

情绪操控生活 2024-12-18 04:18:36

如果您使用 .NET 2.0 或更高版本，则可以更改 Cookie通过 web.config 命名。

<configuration>
   <system.web>
      <sessionState cookieName="sessionid" />
   </system.web>
</configuration>

If you are using .NET 2.0 or greater, you can change the cookie name via web.config.

<configuration>
   <system.web>
      <sessionState cookieName="sessionid" />
   </system.web>
</configuration>

回复收藏 0 原文

风苍溪 2024-12-18 04:18:36

赏金描述的答案是：“不是真的”。

您唯一能做的就是完全停止使用会话对象并禁用会话。因此，您需要创建自己的会话管理（例如，将数据存储在数据库中）并使用 cookie 跟踪您自己的会话。

以下是对原始问题（现在已经很老的问题）的回答。

下面是一个 VBScript 函数，它将替换日志文件中的 ASPSessionIDxxxxxxxx=（我假设标准 IIS 日志文件启用了 cookie 日志记录）。

Sub ReplaceASPSessionIDInLog(path)

    Dim fso :  Set fso = CreateObject("Scripting.FileSystemObject")

    Dim stream : Set stream = fso.OpenTextFile(path)
    Dim input: input = stream.ReadAll()
    stream.close()

    Dim rgx : Set rgx = new RegExp
    rgx.Pattern = "ASPSESSIONID.+(?=\=)"
    rgx.Global = True
    rgx.IgnoreCase = True

    Dim output : output = rgx.Replace(input, "SESSIONID")

    Set stream = fso.OpenTextFile(path, 2)
    stream.Write output
    stream.close()

End Sub

The answer to the bounty description is: "not really".

The only thing you can do is stop using session object altogether and disable sessions. You would therefore you need to create your own session management (storing data in a DB for example) and track your own sessions with a cookie.

The following is an answer to the original (now quite old question).

Here is a VBScript function which will replace the ASPSessionIDxxxxxxxx= in a log file (I'm assuming the standard IIS logfiles with cookie logging enabled).

Sub ReplaceASPSessionIDInLog(path)

    Dim fso :  Set fso = CreateObject("Scripting.FileSystemObject")

    Dim stream : Set stream = fso.OpenTextFile(path)
    Dim input: input = stream.ReadAll()
    stream.close()

    Dim rgx : Set rgx = new RegExp
    rgx.Pattern = "ASPSESSIONID.+(?=\=)"
    rgx.Global = True
    rgx.IgnoreCase = True

    Dim output : output = rgx.Replace(input, "SESSIONID")

    Set stream = fso.OpenTextFile(path, 2)
    stream.Write output
    stream.close()

End Sub

回复收藏 0 原文

情深缘浅 2024-12-18 04:18:36

如果您想删除除最后创建的会话 cookie 之外的所有会话 cookie，则此代码有效：

Sub DeleteOldSession(logincookiename)

    Dim strSessionCookie, arrSessionCookie, i, a
    i = 0
    a = 1

    strSessionCookie = Request.ServerVariables("HTTP_COOKIE")

    if strSessionCookie <> "" then

    Dim intCookieValueStart, intCookieValueEnd, intCookieValueLength, strSessionCookieName, strSessionCookieValue

        arrSessionCookie = Split(strSessionCookie,";")

        if Ubound(arrSessionCookie) > 0 then

            if InStr(strSessionCookie,logincookiename) = 0 then a = 0

            if Ubound(arrSessionCookie) > a AND InStr(arrSessionCookie(Ubound(arrSessionCookie)),"NULL") = 0 then

                For i = 0 to Ubound(arrSessionCookie)
                    if i >= a AND InStr(arrSessionCookie(i),"ASPSESSIONID") then
                        intCookieValueStart = InStr(arrSessionCookie(i),"=")
                        intCookieValueEnd = Len(arrSessionCookie(i))
                        intCookieValueLength = intCookieValueEnd - intCookieValueStart
                        strSessionCookieName = Mid(arrSessionCookie(i),1,intCookieValueStart-1)
                        strSessionCookieValue = Mid(arrSessionCookie(i),intCookieValueStart+1,intCookieValueLength)
                        response.write("<script type=""text/javascript"">")
                        response.write("setCookie('" & strSessionCookieName & "','NULL',0)")
                        response.write("</script>")
                        'if lngUser = 1 then response.write("<p class=""alert"">" & strSessionCookieName & "</p>")
                    end if
                Next

            end if

        end if

    end if

end sub

This code works if you want to get rid of all session cookies except the last one created:

Sub DeleteOldSession(logincookiename)

    Dim strSessionCookie, arrSessionCookie, i, a
    i = 0
    a = 1

    strSessionCookie = Request.ServerVariables("HTTP_COOKIE")

    if strSessionCookie <> "" then

    Dim intCookieValueStart, intCookieValueEnd, intCookieValueLength, strSessionCookieName, strSessionCookieValue

        arrSessionCookie = Split(strSessionCookie,";")

        if Ubound(arrSessionCookie) > 0 then

            if InStr(strSessionCookie,logincookiename) = 0 then a = 0

            if Ubound(arrSessionCookie) > a AND InStr(arrSessionCookie(Ubound(arrSessionCookie)),"NULL") = 0 then

                For i = 0 to Ubound(arrSessionCookie)
                    if i >= a AND InStr(arrSessionCookie(i),"ASPSESSIONID") then
                        intCookieValueStart = InStr(arrSessionCookie(i),"=")
                        intCookieValueEnd = Len(arrSessionCookie(i))
                        intCookieValueLength = intCookieValueEnd - intCookieValueStart
                        strSessionCookieName = Mid(arrSessionCookie(i),1,intCookieValueStart-1)
                        strSessionCookieValue = Mid(arrSessionCookie(i),intCookieValueStart+1,intCookieValueLength)
                        response.write("<script type=""text/javascript"">")
                        response.write("setCookie('" & strSessionCookieName & "','NULL',0)")
                        response.write("</script>")
                        'if lngUser = 1 then response.write("<p class=""alert"">" & strSessionCookieName & "</p>")
                    end if
                Next

            end if

        end if

    end if

end sub

回复收藏 0 原文

~没有更多了~