Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Passing cookies in Response.Redirect in ASP.NET

Tags:

asp.net

cookies

response.redirect

I'm having a problem passing cookies in ASP.NET to a new URL. I add cookies to the Response like so: 

Response.Cookies.Add(new HttpCookie("Username", Username.Text));

I then issue a redirect:

Response.Redirect(returnURL);

On the new page that I am redirected to, the cookie collection is empty. I try to retrieve a cookie like so:

Request.Cookies["Username"].Value;

Can anyone think of why the cookies are not being passed?

EDIT:

Further info I forgot to add - on the second attempt within the same browser session, the cookies ARE passed correctly with the redirect.

EDIT #2: I have found that if I use "localhost" instead of the actual domain name in the redirect URL, then the cookies are passed correctly on first login. So its only when the redirect URL is the actual domain name that it doesn't work. Strange.

like image 447
tuseau Avatar asked Aug 09 '12 14:08

tuseau

2 Answers

According to HTTP State Management Mechanism

Origin servers MAY send a Set-Cookie response header with any
response. User agents MAY ignore Set-Cookie headers contained in
responses with 100-level status codes but MUST process Set-Cookie
headers contained in other responses (including responses with 400-
and 500-level status codes). An origin server can include multiple
Set-Cookie header fields in a single response. The presence of a
Cookie or a Set-Cookie header field does not preclude HTTP caches
from storing and reusing a response.

So REDIRECTs (3xx) are in the 'other' responses so they should be processed by the browser, which may then drop them for all kinds of reasons. One such cause of the browser rejecting the cookie is when the domain attribute of the cookie is specified and does not have enough dots (like 'localhost') or when the path attribute of the cookie does not case-match the actual path in the URL (cookie's path is case sensitive).

like image 188
Dror Harari Avatar answered Sep 20 '22 07:09

Dror Harari

I've been facing the same issue in a .NET Core 2.1 WebApp . After searching a while I found out that I could use the following to force a cookie not to be lost upon a redirect response. 

HttpContext.Response.Cookies.Append("cookie-name", "cookie-value", new CookieOptions { IsEssential = true });

The docs mention that this property "indicates if this cookie is essential for the application to function correctly. If true then consent policy checks may be bypassed. The default value is false."

This might be an option for you!

like image 44
felixperreault Avatar answered Sep 21 '22 07:09

felixperreault
Sign in to Comment

Related questions

What is benefit of Bridge Pattern [closed]
Unsupported Media Type http response when upload file using c# api.
Adding a checkbox column to asp.net gridview
Internal Server Error 500.24
Async method call and impersonation
Ajax with ViewComponent
Unable to translate bytes [FC] at index 35 from specified code page to Unicode
"Out of Band" Processing Techiniques for asp.net applications
What are some best practices for managing background threads in IIS?
How to add custom ASP.NET pages into sharepoint
Authentication through web.config not authenticating in ASP.net 3.5
Using Compass on Windows with Visual Studio C# and ASP.NET
Shibboleth and .NET
how do i publish my asp.net project to my local iis?
ModalPopupExtender and validation problems
Drawbacks of developing ASP.NET and ASP.NET MVC apps in F#?
Auto-Insert double quotes for HTML attributes broken
Should we develop a custom membership provider in this case?
HttpContext.Current.User.Principal vs WindowsIdentity.GetCurrent()
Download Multiple Files Without Using Zip File

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!