Controller SessionStateBehavior is ReadOnly and I can update Session Variable

by

see Writing to a read only session in MVC 3+

That post claims the behavior is inconsistent.
I am definitely able to write to Session in Controllers using ReadOnly.

I Would treat it like this:

  • Required means you are requesting a exclusive lock on Session (i.e. no parallel processing of requests for the same sessionID)
  • ReadOnly means you are requesting a non-exclusive lock on Session (i.e. your request still has to wait for requests with an exclusive lock to finish, but you can process requests with non-exclusive locks in parallel. However it is up to you to ensure that your code doesn’t write to Session. It’s not necessarily enforced by the framework)

    I realize this is counter to http://msdn.microsoft.com/en-us/library/system.web.sessionstate.sessionstatebehavior.aspx

    Read-only session state is enabled for the request. This means that session state cannot be updated.

    but it seems you in fact can update session state under some scenarios.

    • Leave a Comment

    Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)