CookieContainer bug?
https://stackoverflow.com/questions/1047669
-
20-08-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm confused how CookieContainer handles domain, so I create this test. This test shows cookieContainer doesn't return any cookie for "example.com" but according to RFC it should return at least 2 cookies.
Isn't it a bug?
How make it to work?
Here is a discussion about this bug:
http://social.msdn.microsoft.com/Forums/en-US/ncl/thread/c4edc965-2dc2-4724-8f08-68815cf1dce6
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Net" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
CookieContainer getContainer()
{
CookieContainer result = new CookieContainer();
Uri uri = new Uri("http://sub.example.com");
string cookieH = @"Test1=val; domain=sub.example.com; path=/";
result.SetCookies(uri, cookieH);
cookieH = @"Test2=val; domain=.example.com; path=/";
result.SetCookies(uri, cookieH);
cookieH = @"Test3=val; domain=example.com; path=/";
result.SetCookies(uri, cookieH);
return result;
}
void Test()
{
CookieContainer cookie = getContainer();
lblResult.Text += "<br>Total cookies count: " + cookie.Count + " expected: 3";
Uri uri = new Uri("http://sub.example.com");
CookieCollection coll = cookie.GetCookies(uri);
lblResult.Text += "<br>For " + uri + " Cookie count: " + coll.Count + " expected: 2";
uri = new Uri("http://other.example.com");
coll = cookie.GetCookies(uri);
lblResult.Text += "<br>For " + uri + " Cookie count: " + coll.Count + " expected: 2";
uri = new Uri("http://example.com");
coll = cookie.GetCookies(uri);
lblResult.Text += "<br>For " + uri + " Cookie count: " + coll.Count + " expected: 2";
}
protected void Page_Load(object sender, EventArgs e)
{
Test();
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>CookieContainer Test Page</title>
</head>
<body>
<form id="frmTest" runat="server">
<asp:Label ID="lblResult" EnableViewState="false" runat="server"></asp:Label>
</form>
</body>
</html>
Solution
I just found the fix for this bug and discussed here: http://dot-net-expertise.blogspot.com/2009/10/cookiecontainer-domain-handling-bug-fix.html
Here is the solution:
- Don't use .Add(Cookie), Use only .Add(Uri, Cookie) method.
Call BugFix_CookieDomain each time you add a cookie to the container or before you use .GetCookie or before system use the container.
private void BugFix_CookieDomain(CookieContainer cookieContainer) { System.Type _ContainerType = typeof(CookieContainer); Hashtable table = (Hashtable)_ContainerType.InvokeMember("m_domainTable", System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.GetField | System.Reflection.BindingFlags.Instance, null, cookieContainer, new object[] { }); ArrayList keys = new ArrayList(table.Keys); foreach (string keyObj in keys) { string key = (keyObj as string); if (key[0] == '.') { string newKey = key.Remove(0, 1); table[newKey] = table[keyObj]; } } }
OTHER TIPS
At last they gonna fix it: https://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=478521
//bug fix, exists only in 3.5 FW, please wrap it with defines
//http://dot-net-expertise.blogspot.com/2009/10/cookiecontainer-domain-handling-bug-fix.html
if(!value.Contains("://www.")) //we are going to hit the bug
{
string urlWWW = value.Replace("://", "://www.");
Uri uriWWW = new Uri(urlWWW);
foreach (Cookie c in _cookieContainer.GetCookies(uriWWW))
if (c.Domain.StartsWith("."))
request.Headers["Cookies"] += c.Name + "=" + c.Value + ";"; //manually add the cookies
}
//~bug fix
Lost my day with this issue. CallMeLaNN's response didn't help me (I'm using .Net 4.5). In my case the problem was in order of setting body of request and settings cookies.
In this case cookies will not be sent to server:
var response = (HttpWebRequest)WebRequest.Create("http://localhost:4433/");
using (var requestStream = response.GetRequestStream())
{
using (var streamWriter = new StreamWriter(requestStream))
{
requestStream.Write(RequestContent);
}
}
response.CookieContainer.Add(new Cookie("Name", "Value"));
await response.GetResponseAsync();
To make it work change the order is required:
var response = (HttpWebRequest)WebRequest.Create("http://localhost:4433/");
response.CookieContainer.Add(new Cookie("Name", "Value"));
await response.GetResponseAsync();
using (var requestStream = response.GetRequestStream())
{
using (var streamWriter = new StreamWriter(requestStream))
{
requestStream.Write(RequestContent);
}
}
I've created a fix for this problem that works on Windows 10 / UWP / .NET Core apps. The issue is that the internals for CookieContainer are different, but just as crappy, as they are in the .NET Framework proper. So the accepted solution does not work anymore.
But instead of "fixing" the CookieContainer, I just wrote a version of GetCookies() that gets all the cookies for a particular domain with a string, regardless of their "secure" state or if they are prefixed with a dot. Feel free to modify it as you see fit for your needs, and I'll see about getting a version of it implemented in a future .NET Core release.
using System.Collections.Generic;
using System.Reflection;
namespace System.Net
{
/// <summary>
/// Contains extensions for the <see cref="CookieContaner"/> class.
/// </summary>
public static class CookieContainerExtensions
{
/// <summary>
/// Uses Reflection to get ALL of the <see cref="Cookie">Cookies</see> where <see cref="Cookie.Domain"/>
/// contains part of the specified string. Will return cookies for any subdomain, as well as dotted-prefix cookies.
/// </summary>
/// <param name="cookieContainer">The <see cref="CookieContainer"/> to extract the <see cref="Cookie">Cookies</see> from.</param>
/// <param name="domain">The string that contains part of the domain you want to extract cookies for.</param>
/// <returns></returns>
public static IEnumerable<Cookie> GetCookies(this CookieContainer cookieContainer, string domain)
{
var domainTable = GetFieldValue<dynamic>(cookieContainer, "_domainTable");
foreach (var entry in domainTable)
{
string key = GetPropertyValue<string>(entry, "Key");
if (key.Contains(domain))
{
var value = GetPropertyValue<dynamic>(entry, "Value");
var internalList = GetFieldValue<SortedList<string, CookieCollection>>(value, "_list");
foreach (var li in internalList)
{
foreach (Cookie cookie in li.Value)
{
yield return cookie;
}
}
}
}
}
/// <summary>
/// Gets the value of a Field for a given object instance.
/// </summary>
/// <typeparam name="T">The <see cref="Type"/> you want the value to be converted to when returned.</typeparam>
/// <param name="instance">The Type instance to extract the Field's data from.</param>
/// <param name="fieldName">The name of the Field to extract the data from.</param>
/// <returns></returns>
internal static T GetFieldValue<T>(object instance, string fieldName)
{
BindingFlags bindFlags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Static;
FieldInfo fi = instance.GetType().GetField(fieldName, bindFlags);
return (T)fi.GetValue(instance);
}
/// <summary>
/// Gets the value of a Property for a given object instance.
/// </summary>
/// <typeparam name="T">The <see cref="Type"/> you want the value to be converted to when returned.</typeparam>
/// <param name="instance">The Type instance to extract the Property's data from.</param>
/// <param name="propertyName">The name of the Property to extract the data from.</param>
/// <returns></returns>
internal static T GetPropertyValue<T>(object instance, string propertyName)
{
var pi = instance.GetType().GetProperty(propertyName);
return (T)pi.GetValue(instance, null);
}
}
}
Here is a hack to get around this bug: http://social.microsoft.com/Forums/en-US/netfxnetcom/thread/1297afc1-12d4-4d75-8d3f-7563222d234c It uses reflection.
