停止url编码的cookie [英] Stop url encoding cookie
问题描述
考虑以下ASP.net网页API控制器方法。为了演示目的,它返回一个cookie。会话ID的Cookie有一个base64连接codeD数据。当我的Cookie添加到响应与 response.Headers.AddCookies(新CookieHeaderValue [] {}饼干);
它的URL连接codeS中的数据(文档是<一个href=\"http://msdn.microsoft.com/en-us/library/system.net.http.htt$p$psponseheadersextensions.addcookies%28v=vs.118%29.aspx\"相对=nofollow>这里)。有什么办法,我可以附上cookie的时候没有编码呢?
公开的Htt presponseMessage LogMeIn的()
{
变种响应= Request.CreateResponse&所述; Models.UserAuthResponse&GT;(新Models.UserAuthResponse()); VAR饼干=新CookieHeaderValue(会话ID,K2QRkQaSnwCBpRrAgI1K3w9kTgbArc + xdIJI64e2hz0 =);
cookie.Expires = DateTimeOffset.Now.AddDays(1);
cookie.Domain =.example.com的;
cookie.Path =/;
response.Headers.AddCookies(新CookieHeaderValue [] {饼干});
返回响应;
}
我有同样的问题,因为我想创建由Lotus Domino的SSO的Web应用程序中使用LTPA令牌的cookie,这cookie是的base64 EN codeD,并使用特殊在cookie的字符,如+ = ....。
我觉得要解决这个问题,有三种方式:
- OWIN扩展在Startup.cs
app.Use((背景下,下一个)=&GT;
{
context.Response.Headers ....;
//此处德code和更换饼干
返回next.Invoke();
});
与饼干页面加载后使用javascript:
的document.cookie = EN codeURIComponent(的document.cookie);
或创建扩展这样的最佳方式:
///&LT;总结&gt;
///
///&LT; /总结&gt;
公共静态类CookieExtensions
{
///&LT;总结&gt;
///添加一个新的Cookie和价值
///
///&LT; /总结&gt;
///&LT; PARAM NAME =头&GT;&LT; /参数&GT;
///&LT; PARAM NAME =键/&GT;&LT; PARAM NAME =值/&GT;
公共静态无效AppendUrlDe codedCookie(这IHeaderDictionary头,串键,字符串值)
{
header.AppendValues(设置Cookie键+=+价值+;路径= /);
} ///&LT;总结&gt;
///添加一个新的Cookie
///
///&LT; /总结&gt;
///&LT; PARAM NAME =头&GT;&LT; /参数&GT;
///&LT; PARAM NAME =键/&GT;&LT; PARAM NAME =值/&GT;&LT; PARAM NAME =选项/&GT;
公共静态无效AppendUrlDe codedCookie(这IHeaderDictionary头,串键,字符串值,CookieOptions选项)
{
如果(选项== NULL)
抛出新的ArgumentNullException(选择);
!布尔FLAG1 = string.IsNullOrEmpty(options.Domain);
布尔FLAG2 = string.IsNullOrEmpty(options.Path)!;
布尔hasValue的= options.Expires.HasValue;
header.AppendValues(设置Cookie
键+=+(价值??的String.Empty)+(FLAG1(字符串)空:域=!?)+
(!?FLAG1(字符串)空:options.Domain)+(FLAG2(字符串)空!?;路径=)+
(!?FLAG2(字符串)空:options.Path)+(hasValue的(字符串)空!?;到期=)+
(!hasValue的
? (字符串)空
:options.Expires.Value.ToString(DDD,DD-MMM-YYYY HH:MM:SS
(的IFormatProvider)CultureInfo.InvariantCulture)+GMT)+
(!?options.Secure(字符串)空:安全)+(!?options.HttpOnly(字符串)空:仅Http));
}
}
和您可以使用它是这样的:
response.Headers.AppendUrlDe codedCookie(钥匙,VAL);
或
response.Headers.AppendUrlDe codedCookie(钥匙,VAL,新Microsoft.Owin.CookieOptions
{
PATH =/,
域名= =domain.com
过期日期= ...
});
和这个解决问题。
Consider the following ASP.net web api controller method. For demo purpose it returns a cookie. the session-id cookie has a base64 encoded data. When I add the cookie to the response with response.Headers.AddCookies(new CookieHeaderValue[] { cookie });
it url encodes the data (Documentation is here). Is there any way I can attach the cookie without encoding it?
public HttpResponseMessage LogMeIn()
{
var response = Request.CreateResponse<Models.UserAuthResponse>(new Models.UserAuthResponse());
var cookie = new CookieHeaderValue("session-id", "K2QRkQaSnwCBpRrAgI1K3w9kTgbArc+xdIJI64e2hz0=");
cookie.Expires = DateTimeOffset.Now.AddDays(1);
cookie.Domain = ".example.com";
cookie.Path = "/";
response.Headers.AddCookies(new CookieHeaderValue[] { cookie });
return response;
}
I have the same problem because i want to create LTPA Token cookie used by Lotus Domino SSO web applications and this cookie is base64 encoded and use special characters in cookie like "+=....". I find three way to solve this problem:
- OWIN extension in Startup.cs
app.Use((context, next) =>
{
context.Response.Headers....;
//here decode and replace the cookies
return next.Invoke();
});
using javascript after page load with cookies:
document.cookie = encodeURIComponent(document.cookie);
or the best way to create extension like this:
/// <summary> /// /// </summary> public static class CookieExtensions { /// <summary> /// Add a new cookie and value /// /// </summary> /// <param name="header"></param> /// <param name="key"/><param name="value"/> public static void AppendUrlDecodedCookie(this IHeaderDictionary header, string key, string value) { header.AppendValues("Set-Cookie", key + "=" + value + "; path=/"); } /// <summary> /// Add a new cookie /// /// </summary> /// <param name="header"></param> /// <param name="key"/><param name="value"/><param name="options"/> public static void AppendUrlDecodedCookie(this IHeaderDictionary header, string key, string value, CookieOptions options) { if (options == null) throw new ArgumentNullException("options"); bool flag1 = !string.IsNullOrEmpty(options.Domain); bool flag2 = !string.IsNullOrEmpty(options.Path); bool hasValue = options.Expires.HasValue; header.AppendValues("Set-Cookie", key + "=" + (value ?? string.Empty) + (!flag1 ? (string) null : "; domain=") + (!flag1 ? (string) null : options.Domain) + (!flag2 ? (string) null : "; path=") + (!flag2 ? (string) null : options.Path) + (!hasValue ? (string) null : "; expires=") + (!hasValue ? (string) null : options.Expires.Value.ToString("ddd, dd-MMM-yyyy HH:mm:ss ", (IFormatProvider) CultureInfo.InvariantCulture) + "GMT") + (!options.Secure ? (string) null : "; secure") + (!options.HttpOnly ? (string) null : "; HttpOnly")); } }
And you can use it like this:
response.Headers.AppendUrlDecodedCookie("key", "val");
or
response.Headers.AppendUrlDecodedCookie("key", "val", new Microsoft.Owin.CookieOptions
{
Path = "/",
Domain = ="domain.com",
Expires = Date...
});
And this solve the problem.
这篇关于停止url编码的cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!