Menu
I am working on .Net Core 2.0 MVC Web Application. There is a need to manipulate authentication cookie to set expire time span based on user role. After the expire time span, the user will be logged out of the application if there is no activity. In order to that, I created a Filter which is being called everytime user interacts with the site. In that filter, I am basically reading cookie value, store it in the temp variable, delete existing cookie, and append new cookie with same key and value to the response.
var cookieContent = Request.Cookie[key];
Response.Cookies.Delete(key);
Response.Cookies.Append(new cookie with same name and value);
I am able to create a new cookie with required expire time, and it does work fine.
My problem here is, Response.Cookies.Delete(key); doesn't really delete the cookie.
Microsoft documentation says we cannot delete the cookie from the user's pc. so is there any way to delete the cookie from hard-drive? If not, what does Response.Cookies.Delete(cookie); do?
831
When the Remove Cookie Button is clicked, DeleteCookie Action method is executed which removes the Cookie from Request. Cookies collection using the Delete method. //Set the Expiry date of the Cookie. CookieOptions option = new CookieOptions();
Introduction. HTTP Cookie is some piece of data which is stored in the user's browser.
Cookies are represented as key-value pairs, and you can take advantage of the keys to read, write, or delete cookies. ASP.NET Core uses cookies to maintain session state; the cookie that contains the session ID is sent to the client with each request.
In ASP.NET Core, you can/should use the following method:
private void DeleteCookies()
{
foreach (var cookie in HttpContext.Request.Cookies)
{
Response.Cookies.Delete(cookie.Key);
}
}
What this does internally is to send 'Set-Cookie' directives in the Http Response Header to instruct the browser to both expire the cookie and clear its value.
Example response header:
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: Cookie1=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=lax
Set-Cookie: Cookie2=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=lax
Set-Cookie: Cookie3=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=lax
var Cookieoption1 = new CookieOptions();
Cookieoption1.Path = HttpContext.Request.PathBase;
foreach (var cookieKey in Request.Cookies.Keys)
{
HttpContext.Response.Cookies.Delete(cookieKey, Cookieoption1);
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
