Stop IResponseCookies.Append() from encoding cooki

2019-07-08 09:29发布

站内问答 / C#
1692 1 5

This question already has an answer here:

We are building a dotnetcore 2.0 web app that receiving cookies from a legacy system via http and setting the cookies in the response.

When I debug the app I can see that cookie.value is not url encoded but after calling append the set-cookie headers are url encoded. This is problematic as the legacy cookies need to be unencoded as legacy apps read them as they are.

    public static void AddCookie(this IResponseCookies cookies, Cookie cookie)
    {
        cookies.Append(cookie.Name, cookie.Value, new CookieOptions
        {
            Domain = cookie.Domain,               
            Expires = cookie.Expires == DateTime.MinValue ? null : (DateTimeOffset?) cookie.Expires,
            HttpOnly = cookie.HttpOnly,
            Path = cookie.Path,
            Secure = cookie.Secure
        });
    }

Is there a way to prevent them being encoded? A flag or setting somewhere?

I tried writing an owin middleware but the set-cookie header is always empty.

public class CookieDecode
{
    private readonly RequestDelegate _next;

    public CookieDecode(RequestDelegate next)
    {
        _next = next;
    }

    public async Task Invoke(HttpContext context)
    {
        var x = context.Response.Headers;
        var y = x["set-cookie"];
        //y is always empty
        await _next.Invoke(context);
    }
}

Ideas?

1条回答
放荡不羁爱自由
2楼-- · 2019-07-08 10:09

No, there is no option to avoid the URL encoding. However, here is what Append is doing. Can you try manually setting the header the same way they do?

    public void Append(string key, string value, CookieOptions options)
    {
        if (options == null)
        {
            throw new ArgumentNullException(nameof(options));
        }

        var setCookieHeaderValue = new SetCookieHeaderValue(
            Uri.EscapeDataString(key),
            Uri.EscapeDataString(value))
        {
            Domain = options.Domain,
            Path = options.Path,
            Expires = options.Expires,
            MaxAge = options.MaxAge,
            Secure = options.Secure,
            SameSite = (Net.Http.Headers.SameSiteMode)options.SameSite,
            HttpOnly = options.HttpOnly
        };

        var cookieValue = setCookieHeaderValue.ToString();

        Headers[HeaderNames.SetCookie] = StringValues.Concat(Headers[HeaderNames.SetCookie], cookieValue);
    }
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)