Similar:
Multiple cookies with same name
How to handle multiple cookies with the same name?
I am setting a cookie on the page load of my asp control. I have a function gets the cookie and stores it in a var to be used. My question is, after reading the msdn site on cookies, is should I get the cookie from the Request or the Response and then set value of the other? Or should I get the cookie from the Response and set it's value? The last one doesn't seem quite right but I don't know.
MSDN text:
The browser is responsible for managing cookies on a user system. Cookies are sent to the browser via the HttpResponse object that exposes a collection called Cookies. You can access the HttpResponse object as the Response property of your Page class. Any cookies that you want to send to the browser must be added to this collection. When creating a cookie, you specify a Name and Value. Each cookie must have a unique name so that it can be identified later when reading it from the browser. Because cookies are stored by name, naming two cookies the same will cause one to be overwritten.
I assumed that I should get it from the request and set the response cookie, that doesn't seem to be quite right because I have ended up with double cookies with different values. The cookie I am worried about is TRACKINGINFO. It is set on a different sub domain and I need to pick up the value and just add to it and re-set the value.
Here is the request headers from Google Chrome:
ASP.NET_SessionId=bi2ingjjk5f4nhm; referer_domain=dev-znode.local; referer_query=; TRACKINGINFO=1234%2C526%2C1234%2C526; __utma=251778844.1427755012.1389292549.1389292549.1389292549.1; __utmb=251778844.16.10.1389292549; __utmc=251778844; __utmz=251778844.1389292549.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ZNodeCookie; LocaleID=43; TRACKINGINFO=1234%2C526%2C1234%2C526,2508
Request headers:
TRACKINGINFO=1234%2C526%2C1234%2C526,2500; expires=Fri, 10-Jan-2014 19:21:53 GMT; path=/
Yes, you should get cookies from request and set them on response.
There is magic code in HttpResponse that clones new cookies to request (and in your case probably does it in some way you don't expect) so developers can somewhat randomly pick where to read cookies from on server.
It may be cleaner to read cookies early in request lifetime (before any cookies set on response) and set cookies on response late (but not too late as it have to happen before first portion of response body flushed to client).
Related
I'm using httpclient to request a ssl(https://) site. But I note that even if I can get response from that site, but the site still hasn't set cookie in my local. So, I cannot read cookie from filter.CookieManager.GetCookies().
I guess that's due to I have not add certificate when posting data.
I done another testing, I used webview to open this site, then I can get cookies by CookieManager.GetCookies.
So, my question is how I can use httpclient to request "https://" site and make it write cookie in my local.
Read the documentation here for the cookies from response. There is also a working example available.
In a sample/default MVC 4 project, I can see that when the User logs in with Remember Me checkbox on, the persistCookie parameter of the WebSecurity.Login method is set to true.
How exactly does that work? Where exactly is the value of persistCookie is saved? I looked through the tables that are created for the Security feature and do not see anywhere that the user is set to persist login.
What mechanism enables the user to log in? Is it simply the presence of the .ASPXAUTH cookie? Or does it actually compare the cookie value to something that I am not seeing.
How exactly does that work?
By creating a persistent cookie.
Where exactly is the value of persistCookie is saved?
As a file on the client machine so that it survives browser restarts.
What mechanism enables the user to log in?
This mechanism is called persistent cookie. A cookie is considered persistent if when being set the Expires property is being set to some date in the future. In this case the browser will store the cookie on the client computer as a file instead of keeping it in memory.
Here's an example of how creating a persistent cookie looks like in terms of the HTTP protocol:
Set-Cookie: CookieName=CookieValue;Path=/;Expires=Wed, 12-Oct-2016 21:47:09 GMT;
And here's how a setting a session cookie looks like which will not survive browser restarts:
Set-Cookie: CookieName=CookieValue;Path=/;
Now go ahead, download Fiddler and inspect the network traffic to see the difference.
The identity is stored in the cookie and decrypted upon each request.
Persistent cookie means that the cookie will be automatically attached to requests by the browser for some period of time.
No magic and also no need to store open sessions at the server side. As long as a cookie decrypts correctly, it is accepted as the server assumes that no one is able to forge a cookie on its own. This requires that the cookie value is encrypted or at least signed.
When I add a cookie through Response.cookies.add(cookie); My cookie will not be placed on the clients side until the client requests a page from my site. At the time of request .net will do some magic, place the cookie in the response and the client will store it. Is this true? If the above assumption is true I should be able to see unplaced cookies by cookie = response.cookies("foo"). Seems logical, but is it correct?
To sum it up.
I am placing a cookie, then later in the code before the request is served I am checking if the cookie is in the request.cookies("foo") if it is not I am checking the response.cookies("foo"). This method does not work. How would i go about reading a cookie before it is sent to the client side.
The actual question I need answered; Is there a way to view a cookies information before I send it to the browser? Something along the lines of check if cookie is on browser if not do some other check to see if it is waiting to be sent.If it is waiting to be sent read data on it
thank you very much.
If I understood the question correctly then you want to add a cookie to HttpResponse at some point after receiving a request from a client. Then at a later point of processing the request you want to access the same cookie again.
This quote might help you:
"After you add a cookie by using the HttpResponse.Cookies collection, the cookie is immediately available in the HttpRequest.Cookies collection, even if the response has not been sent to the client."
(from http://msdn.microsoft.com/en-us/library/system.web.httpresponse.cookies.aspx)
I suggest you to process the cookie only at one point during the response. Thus you can check if it's available in HttpRequest, and if not then add it to HttpResponse and invoke your additional logic.
I have a program where I want to scrap some useful study material for personal use.
This site maintain a session key and some other key also.
If I tried to go to a nested page then it will end the session.
I'm unable to maintain session key using a web request class.
How can I maintain a session using a web request class?
Please help.
You need to maintain the CookiesCollection across your requests.
var request = (HttpWebRequest)HttpWebRequest.Create("http://www.mysite.com/");
var cookies = new CookieContainer();
//Pass the collection along with each request to maintain session
request.CookieContainer = cookies;
When you get the response back, your container will automatically contain the set of cookies associated with it. You can then reuse that container with subsequent requests.
Essentially you will want to read the session cookie from the response header and pass it back in the header with every request you issue. There may be more to it depending on the application you are targeting.
Got a similar problem when embedding a Page in an iFrame. Solution is, for security purposes sessions get discarded by browsers (mainly IE8). Maybe this is a splution? Google for P3P to get more info.
-sa
I login to a website by HTTPwebrequest, I get an authentication cookie.
When I make a new HTTP-webrequest and add the cookies from the first request to call the next page where I can see my personal data. I see that the cookies will associated with the second request if I debug it but if I check the network traffic I see that are no Cookies transmitted at the second request. I tried many possibilities to see why I don't work but I found nothing.
Does anyone know a solution?