使用.net（C＃）System.Net.Cookie处理cookie值中的逗号 [英] handling a comma inside a cookie value using .net's (C#) System.Net.Cookie

问题描述

我正在创建一个客户端访问网站并登录+自动执行一些任务，但是他们最近更新了他们的cookie到（因为任何原因...）在其标识cookie中包含逗号。

例如，Cookie的值类似于：

  a，bcdefghijklmnop 
  

问题是，根据 msdn 您不能在cookie的值中使用逗号或句点。我正在寻找的是解决这个限制的方法，一些方法使.net的Cookie的工作很好用逗号。我发现服务器确实发送一个'SET-COOKIE'头到客户端，我猜这是正在解析，但是这似乎也明显给commans和分号的特殊意义（因此，限制.NET里面的类本身）。

但是，然后浏览器如IE，Firefox等等如何正确处理cookie（因为他们清楚，因为网站工作正常在任何浏览器我

任何帮助将不胜感激，谢谢。

--- EDIT ---

一些其他信息：

我的代码看起来像这样：

  request =（HttpWebRequest）WebRequest.Create 
 request.CookieContainer = Program.client.cookieJar; 
  

其中cookieJar在Program.client中定义为：

  CookieContainer cookieJar = new CookieContainer（）; 
 

当我循环并打印出CookieContainer中的所有cookie时，我得到这样： Cookie的格式为：name - >value）

 normal_cookie - > 我是值
messedup_cookie - > a
bcdefghijklmnop - > 
 
 //我应该得到的是：
normal_cookie - > 我是值
messedup_cookie - > a，bcdefghijklmnop
  

问题的核心似乎是逗号和半冒号是保留字符在SET-COOKIE头字符串...但是如何做浏览器如何处理这？我可以自己解析字符串，但我不知道如何绕过情况，如这一个：（HTTP头，格式：name - >value）

 Set-Cookie - > messedup_cookie = a，bcdefghijklmnop; path = /; domain = .domain.com; expires = Sat，15-Aug-2009 09:14:24 GMT，anothervariable = i am the value; 
  

如你所见，expires部分查找逗号而不是分号，下一个变量。就我可以告诉，它的格式：

  cookie1_var1 = value; cookie1_var2 = value，cookie2_var1 = value; cookir2_var2 = value 
  

但是如果这是真的，有一个优雅的方式来处理可能发生在里面的逗号

以下文章，您应该考虑UrlEncode和UrlDecode在Cookie中存储值。 p>

  private void SetCookie（）
 {
 HttpCookie cookie = new HttpCookie（cookiename）; 
 cookie.Expires = DateTime.Now.AddMonths（24）; 
 cookie.Values.Add（name，Server.UrlEncode（txtName.Text））; 
 Response.Cookies.Add（cookie）; 
} 
 
 private void GetCookie（）
 {
 HttpCookie cookie = Request.Cookies [cookiename]; 
 if（cookie！= null）
 {
 txtName.Text = Server.UrlDecode（cookie.Values [name]）; 
} 
} 
  

ASP.NET中的HTML编码一个cookie！它会导致一个黄色的
屏幕死亡和一个异常
，表明该cookie包含
个危险字符。

MSDN也有

ASP.NET不会将
Cookie以UrlEncode格式编码或解除
默认。因此，您可能
在
ASP.NET应用程序中遇到意外行为。

I'm creating a client to visit a website and log in + do some tasks automatically, however they recently updated their cookies to (for whatever reason...) contain a comma inside their identification cookie.

So for example, the Cookie will have a value similar to this:

a,bcdefghijklmnop

The problem is, according to msdn you can't use a comma nor a period inside a cookie's value. What I'm looking for is a way around this limitation, some way to make .net's Cookie's work nice with the commas. I've found that the server does send a 'SET-COOKIE' header to the client and I'm guessing that's what is being parsed, but that also seems to obviously give special meaning to commans and semicolons as well (thus the limitation of the class inside .NET itself).

But then how does a browser such as IE, Firefox, etc... handle the cookie properly (as they clearly do, since the website works fine in any browsers I've tested it with.) Is there maybe a way to force this behaviour in .NET?

Any help would be appreciated, thanks.

--- EDIT ---

some additional information:

My code looks something like this:

request = (HttpWebRequest)WebRequest.Create(URI); 
request.CookieContainer = Program.client.cookieJar;

Where cookieJar is defined in Program.client as:

CookieContainer cookieJar = new CookieContainer();

When i loop through and print out all the cookies in the CookieContainer, I get something like this: (cookies, in the format: "name" -> "value")

"normal_cookie" -> "i am the value" 
"messedup_cookie" -> "a" 
"bcdefghijklmnop" -> "" 

// What I should get is this: 
"normal_cookie" -> "i am the value" 
"messedup_cookie" -> "a,bcdefghijklmnop" 

The core of the problem seems to be that commas and semi colons are reserved characters in the SET-COOKIE header string...but then how do browsers handle this? I can probably parse the string myself but I don't know how to get around situations such as this one: (HTTP header, in the format: "name" -> "value")

"Set-Cookie" -> "messedup_cookie=a,bcdefghijklmnop; path=/; domain=.domain.com; expires=Sat, 15-Aug-2009 09:14:24 GMT,anothervariable=i am the value;"

As you can see, the expires section looks for a comma instead of a semicolon to differentiate itself from the next variable. As far as I can tell, it's in the format:

cookie1_var1=value; cookie1_var2=value,cookie2_var1=value; cookir2_var2=value

But if that's true, is there an elegant way to deal with commas that may occur inside one of the values?

解决方案

According to the following article, you should consider UrlEncode and UrlDecode for storing values in cookies.

private void SetCookie()
{
    HttpCookie cookie = new HttpCookie("cookiename");
    cookie.Expires = DateTime.Now.AddMonths(24);
    cookie.Values.Add("name", Server.UrlEncode(txtName.Text));
    Response.Cookies.Add(cookie);
}

private void GetCookie()
{
    HttpCookie cookie = Request.Cookies["cookiename"];
    if (cookie != null)
    {
        txtName.Text = Server.UrlDecode(cookie.Values["name"]);
    }
}

Don’t ever HTML encode a cookie in ASP.NET! It results in a yellow screen of death and an exception stating that the cookie contains dangerous characters.

MSDN also has an article on the subject.

ASP.NET does not encode or unencode cookies in UrlEncode format by default. As a result, you may encounter unexpected behavior in ASP.NET applications.

这篇关于使用.net（C＃）System.Net.Cookie处理cookie值中的逗号的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！