C＃ - HttpClient的未发送任何cookie [英] C# - HttpClient is not sending any cookies

问题描述

我正在开发两个网站名称www.web1.com和www.web2.com。
在web1的我保存的HTTP cookie如下

I am developing two websites names www.web1.com and www.web2.com. In web1 I am saving a http cookie as below

 HttpCookie AuthCookie = new HttpCookie(AppConstants.Cookie.AUTH_COOKIE);
 AuthCookie.Path = "/";
 AuthCookie.Value = "value1";
 Response.Cookies.Add(AuthCookie);

现在我想要的是在第二个网站看此cookie即web2的。我试图读取使用的HttpClient如下

Now what I want is to read this cookie in the second website i.e. web2. I am trying to read it using HttpClient as below

 HttpClientHandler handler = new HttpClientHandler();
 handler.CookieContainer = new CookieContainer();

 HttpClient client = new HttpClient(handler);
 response = client.GetAsync("http://www.web1.com").Result;

 var cookies = cookies.GetCookies(new Uri("http://www.web1.com"));

这不返回任何cookie，通过检查提琴手也。但是，如果我直接打开www.web1.com和检查提琴手然后将其发送该cookie。

This doesn't returns any cookies, checked via Fiddler as well. But if I directly open the www.web1.com and check fiddler then it sends the cookie.

请看看我缺少这样的cookie不会从HttpClient的恢复。

Please see what I am missing so that the cookie is not returned from httpclient.

谢谢，

SB

Thanks,
SB

推荐答案

您无法获得或另一个域设置的Cookie。这将是一个巨大的安全问题。 （你会要我读我的网站上你的网站的Cookie？）

You can't get or set cookies for another domain. That would be a huge security issue. (would you want me reading your site's cookies on my site?)

一些相关的帖子：

1. Create 1网站asp.net authenicated饼干另一


2. 我需要把所有从饼干浏览器


3. 创建跨域
饼干

4. 跨域饼干

1. Create a asp.net authenicated cookie on 1 site for another
2. I need to get all the cookies from the browser
3. Create cookie with cross domain
4. Cross domain cookies

更新：澄清的一点：作为一个服务器，你不能获得或另一个域，客户端上设置Cookie这是你想要做什么。作为客户端，您可以修改/删除cookies，一个服务器组你。

UPDATE: A bit of clarification: As a server, you can't get or set cookies on a client for another domain, which is what you want to do. As a client, you can modify / delete cookies that a server sets for you.

1. 在你的榜样，您的服务器端code 发出请求到web1.com。你是不是会得到一个随机的客户端的cookie。客户端是不是在你上面的code。在所有参与。

1. In your example, your server-side code is making the request to web1.com. You are not going to get a cookie for a random client. The client isn't involved at all in your code above.

如果我访问web1.com并设置一个名为用户名与鲍勃的值的cookie，我可以作为一个客户端，修改这个cookie拥有的管理员的值，然后可能有管理员权限到您的网站，这取决于你如何处理你的cookies。

If I visit web1.com and you set a cookie called "username" with a value of "bob", I can, as a client, modify this cookie to have a value of "admin" and then potentially have admin rights to your site, depending on how you are handling your cookies.

这篇关于C＃ - HttpClient的未发送任何cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！