Fog Creek Software
Discussion Board




MS MapPoint Dynamic URL

Greetings, all.

I ran into this today & was wondering if anyone could offer some info on how and/or why the following might be done:

When browsing to www.mappoint.com, you are redirected to mappoint.msn.com.  The funny thing is, each time I was redirected, the URL was different...

Redirected to:
1.  mappoint.msn.com/(hrkuammfnisqyb55xxiuer45)/home.aspx
2.  mappoint.msn.com/(bq4dmtrnyglf0q555qexny3w)/home.aspx
3.  mappoint.msn.com/(gdrnwqivm2onhp551bof033s)/home.aspx

...etc.

This piqued my curiosity...Any thoughts on this?  I can't imagine MS having virtual directories with names like that, so I'm sure it's dynamically generated - but why/how?

Jeff MacDonald
Friday, June 06, 2003

It's a session identifier.

For some reason, they use it instead of cookies. Either you have cookies disabled, or they decided cookies isn't good for them.

Ori Berger
Friday, June 06, 2003

vBulletin does this as well, and I wish it didn't, but it helps keep track of you being logged in if you don't have cookies enabled.

It's a random string that exists on the server in your browser, it helps them keep track of you as you browse around the site (like what addresses you've typed in) so when you click on "recent addresses" it remembers it.

It's because HTTP is stateless.

www.MarkTAW.com
Friday, June 06, 2003

Judging from the aspx extension, this is an example of ASP.NET's support for cookieless sessions.  Basically, you add a key to web.config and ASP.NET automatically inserts the session ID as you see here rather than tracking the session based on a cookie. 

This is a very nice feature with one big problem -- they don't support a combination of cookie + cookieless sessions so you can't use a cookie for backup if the user closes their browser or leaves the site.

SomeBody
Friday, June 06, 2003

Hm. I haven't looked into it, but the way I would *want* it to work would be to use cookies if they're enabled, then cookieless if they're not.

Philo

Philo
Friday, June 06, 2003

Philo - I agree. In vBulletin it's an option per-user, the problem being, Google is an anonymous (unregistered) visitor, and it keeps putting different session strings in the URL... Google eventually gives up on your site eventually because everytime it comes back links have all changed and none of the old pages are there.

www.MarkTAW.com
Friday, June 06, 2003

.NET will extract the session id from the url. When (if) you fetch the url from .NET, it will leave out the parenthesized part. Pretty cool.

Steve
Sunday, June 08, 2003

It was probably done for performance reasons.

By doing essentially GETS (well not that different from POST) you save some trouble when you try to offload to the session tracking to another server.

So the session tracking server would take your request, track the session, and pass on the real work to the cluster.

It is basically a thin ISAPI wrapper or a caching box from Cisco/IBM that strips out the request in a quick and efficient way in the back end, allowing a few servers to handle the request of many servers.

Li-fan Chen
Monday, June 09, 2003

I'm not as fluent in the .net technologies as I'd like, so I was not familiar with the "how" behind, for example, session management in a multi-server environment.  I suppose that explains it.

Hmm...extracting session info from the URL....that is cool.

Thanks for all the info.

Jeff MacDonald
Monday, June 09, 2003

*  Recent Topics

*  Fog Creek Home