Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Adding multiple Set-Cookie Headers in ASP.NET Web

Tags:

cookies

asp.net-web-api

web

I faced a problem.

When you add multiple Set-Cookie headers to the response

headers.Add("Set-Cookie", "a=b;Path=/;"); headers.Add("Set-Cookie", "c=d;Path=/;");

actually they are combined and only one header is sent with comma-separated cookies

Set-Cookie: a=b;Path=/;,c=d;Path=/;

According to RFC2109 it is a valid syntax. But it is not according to RFC6265, which deprecates RFC2109

Moreover latest browsers does not support this comma-separated syntax as well. Tested on IE9, Firefox 13 and Google Chrome 20.

All of these browsers took first cookie only.

Please see the sample project below

https://github.com/mnaoumov/cookie-bug/

I want to find some workaround.

I expect to have two different Set-Cookie headers.

I tried to write some MessageInspector to rewrite HTTP headers. I could not find how to access that headers.

Any ideas?

P.S. Used technology: Web API

like image 885
mnaoumov Avatar asked Jul 18 '12 03:07

mnaoumov

People also ask

Can you have multiple set-cookie headers?

The Set-Cookie HTTP response header is used to send a cookie from the server to the user agent, so that the user agent can send it back to the server later. To send multiple cookies, multiple Set-Cookie headers should be sent in the same response.

Can you have multiple cookies with the same name?

If multiple cookies of the same name match a given request URI, one is chosen by the browser. The more specific the path, the higher the precedence. However precedence based on other attributes, including the domain, is unspecified, and may vary between browsers.

What is the difference between set-cookie and cookie header?

The Set-Cookie header is sent by the server in response to an HTTP request, which is used to create a cookie on the user's system. The Cookie header is included by the client application with an HTTP request sent to a server, if there is a cookie that has a matching domain and path.

How do you add a cookie to a header?

To send cookies to the server, you need to add the "Cookie: name=value" header to your request. To send multiple Cookies in one cookie header, you can separate them with semicolons. In this Send Cookies example, we are sending HTTP cookies to the ReqBin echo URL.

1 Answers

According to answer on codeplex (http://aspnetwebstack.codeplex.com/workitem/288) this issue is known issue and related to WCF self-hosting and should be fixed by moving to IIS hosting.

This is WCF 4 issue which marked as won't fix.

Found another question with the same outcome WCF 4.0 Cookie Only First is Recorded by Browser.

like image 169
mnaoumov Avatar answered Nov 10 '22 19:11

mnaoumov
Sign in to Comment

Related questions

Serve Images in Next-Gen Formats
Docker-compose hangs on Attaching to
Angular 8 viewChild returns undefined
What is the difference between local storage and cache in the browser? [closed]
Print barcodes from web page to Zebra printer
Measure full page size in Chrome DevTools
Opening PDF in a browser with Github Pages
when to use index.php instead of index.html
Images in SVG Image tags not showing up in Chrome, but displays locally?
What is the point of www in web urls? [closed]
What does dollar sign $ do in url?
Why CSRF token should be in meta tag and in cookie?
Forcing SSL and WWW using .htaccess
converting .wav file to .ogg in javascript
beautiful websites using Emacs's org mode [closed]
Firebase Hosting - password protect website?
known services to validate csv file [closed]
HTML sections 100% height of viewport [duplicate]
Spring boot + thymeleaf in IntelliJ: cannot resolve vars
How to take a snapshot of HTML5-JavaScript-based video player?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!