停止对Cookie进行编码的IResponseCookies.Append(). dotnetcore 2.0 [英] Stop IResponseCookies.Append() from encoding cookies. dotnetcore 2.0

问题描述

我们正在构建一个dotnetcore 2.0 Web应用程序，该应用程序通过http从旧版系统接收cookie，并在响应中设置cookie.

We are building a dotnetcore 2.0 web app that receiving cookies from a legacy system via http and setting the cookies in the response.

当我调试该应用程序时，我可以看到cookie.value不是url编码的，但是在调用append之后，set-cookie标头是url编码的.这是有问题的，因为当旧版应用按原样读取它们时，旧版Cookie不需要进行编码.

When I debug the app I can see that cookie.value is not url encoded but after calling append the set-cookie headers are url encoded. This is problematic as the legacy cookies need to be unencoded as legacy apps read them as they are.

    public static void AddCookie(this IResponseCookies cookies, Cookie cookie)
    {
        cookies.Append(cookie.Name, cookie.Value, new CookieOptions
        {
            Domain = cookie.Domain,               
            Expires = cookie.Expires == DateTime.MinValue ? null : (DateTimeOffset?) cookie.Expires,
            HttpOnly = cookie.HttpOnly,
            Path = cookie.Path,
            Secure = cookie.Secure
        });
    }

有没有一种方法可以防止对它们进行编码?标志或设置在某处?

Is there a way to prevent them being encoded? A flag or setting somewhere?

我尝试编写owin中间件，但set-cookie标头始终为空.

I tried writing an owin middleware but the set-cookie header is always empty.

public class CookieDecode
{
    private readonly RequestDelegate _next;

    public CookieDecode(RequestDelegate next)
    {
        _next = next;
    }

    public async Task Invoke(HttpContext context)
    {
        var x = context.Response.Headers;
        var y = x["set-cookie"];
        //y is always empty
        await _next.Invoke(context);
    }
}

想法?

推荐答案

否，没有避免URL编码的选项.但是，这里是什么Append 正在执行.您可以尝试以与设置标题相同的方式手动设置标题吗?

No, there is no option to avoid the URL encoding. However, here is what Append is doing. Can you try manually setting the header the same way they do?

    public void Append(string key, string value, CookieOptions options)
    {
        if (options == null)
        {
            throw new ArgumentNullException(nameof(options));
        }

        var setCookieHeaderValue = new SetCookieHeaderValue(
            Uri.EscapeDataString(key),
            Uri.EscapeDataString(value))
        {
            Domain = options.Domain,
            Path = options.Path,
            Expires = options.Expires,
            MaxAge = options.MaxAge,
            Secure = options.Secure,
            SameSite = (Net.Http.Headers.SameSiteMode)options.SameSite,
            HttpOnly = options.HttpOnly
        };

        var cookieValue = setCookieHeaderValue.ToString();

        Headers[HeaderNames.SetCookie] = StringValues.Concat(Headers[HeaderNames.SetCookie], cookieValue);
    }

这篇关于停止对Cookie进行编码的IResponseCookies.Append(). dotnetcore 2.0的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！