Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

A way to remove specific cookie from HttpRequestHeaders in WebApi

I'm trying to remove specific Set-Cookie header from HttpResponseHeaders in OnActionExecuted method of ActionFilter.

I'm having few issues with that:

  1. I cannot see the way of enumerate headers. The collection is always empty, even if I see headers in debugger.
  2. Because I cannot enumerate, I cannot remove specific header. I can only remove all headers with the same key, but Set-Cookie can have multiple entries.

Currently I'm removing all cookies, but this is not what I want.

public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{                
   HttpResponseHeaders headers = actionExecutedContext.Response.Headers;
   IEnumerable<string> values;
   if (headers.TryGetValues("Set-Cookie", out values))
   {
       actionExecutedContext.Response.Headers.Remove("Set-Cookie");
   }

   base.OnActionExecuted(actionExecutedContext);
}
like image 372
Marcin Avatar asked Oct 19 '15 13:10

Marcin


People also ask

How do I clear a cookie in C#?

Add(new HttpCookie("ASP. NET_SessionId", "")); This code example clears the session state from the server and sets the session state cookie to null. The null value effectively clears the cookie from the browser.

How do I pass cookies in HTTP request?

To send cookies to the server, you need to add the "Cookie: name=value" header to your request. To send multiple Cookies in one cookie header, you can separate them with semicolons. In this Send Cookies example, we are sending HTTP cookies to the ReqBin echo URL.

Can API set cookie?

set() The set() method of the cookies API sets a cookie containing the specified cookie data. This method is equivalent to issuing an HTTP Set-Cookie header during a request to a given URL.


1 Answers

From the link:

You cannot directly delete a cookie on a user's computer. However, you can direct the user's browser to delete the cookie by setting the cookie's expiration date to a past date. The next time a user makes a request to a page within the domain or path that set the cookie, the browser will determine that the cookie has expired and remove it.

So, how to remove/delete cookie in ASP.NET Web Api at action filter level, just try to set expiration date of cookie to a past date:

public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
    var response = actionExecutedContext.Response;
    var request = actionExecutedContext.Request;

    var currentCookie = request.Headers.GetCookies("yourCookieName").FirstOrDefault();
    if (currentCookie != null)
    {
        var cookie = new CookieHeaderValue("yourCookieName", "")
        {
            Expires = DateTimeOffset.Now.AddDays(-1),
            Domain = currentCookie.Domain,
            Path = currentCookie.Path
        };

        response.Headers.AddCookies(new[] { cookie });
    }

    base.OnActionExecuted(actionExecutedContext);
}
like image 177
cuongle Avatar answered Sep 26 '22 01:09

cuongle