I am breaking my head to figure out a browser specific issue (in Firefox and Chrome). I have spent so much time to try fixing this issue that I have finally thought to create a live demo for the experts here to look into this issue. (Hopefully it pays off)
I have two domains www.nkmekal.com and www.incessantcoding.com
Please use Firefox/Chrome to replicate the issue:
Step 1:
Browse http://www.nkmekal.com/createcookie.aspx
The page just creates a cookie. Below is the code that creates the cookie:
// In On_Load of nkmekal.com/createCookie.aspx
HttpCookie cookie = new HttpCookie("DisCookie");
cookie.Value = "djdjd77676ydjdndgdidjkdnhf";
cookie.HttpOnly = true;
cookie.Expires = DateTime.Now.AddDays(1);
Response.Cookies.Add(cookie);
lblCookieInfo.Text = string.Format("<b>Cookie Name:</b> {0} <br/><br/> <b>Cookie Value:</b> {1} <br/><br/> <b>Cookie Expires On:</b> {2}", cookie.Name, cookie.Value, cookie.Expires);
Step 2:
Now open a new tab in the browser, go to http://www.incessantcoding.com/GoTonkmekal.aspx which basically does a simple 302 redirect to http://www.nkmekal.com/ReadCookie.aspx , below is the code that does this redirect:
// In On_Load of incessantcoding.com/GoTonkmekal.aspx
protected void Page_Load(object sender, EventArgs e)
{
Response.Redirect("http://www.nkmekal.com/ReadCookie.aspx");
}
However I see the below message: (Please see the code of ReadCookie.aspx page in Step 3)
“No Cookie Found :(”
Which means that the domain www.nkmekal.com was unable to read the cookie that it created earlier when you’ve browsed www.nkmekal.com/createcookie.aspx
Step 3:
And the page http://www.nkmekal.com/ReadCookie.aspx just tries to read the above created cookie (in Step 1) and displays cookie data. Below is the code that tries to read the cookie and displays it in the page
// In On_Load of nkmekal/ReadCookie.aspx
HttpCookie cookie = Request.Cookies["DisCookie"];
if (cookie != null)
{
// Resetting expiry date because the browser never sends expiry date to Server,
// as cookies expiration dates are irrelevant to servers.
cookie.Expires = DateTime.Now.AddDays(1);
lblCookieInfo.Text = string.Format("<b>Yes! I found a cookie</b> <br><br><b>Cookie Name:</b> {0} <br/><br/> <b>Cookie Value:</b> {1} <br/><br/> <b>Cookie Expires On:</b> {2}", cookie.Name, cookie.Value, cookie.Expires);
}
else
{
lblCookieInfo.Text = "No Cookie Found :(";
}
The above steps work fine only in IE but not in FireFox/Chrome.
Also, if you want to take a peek at the source code of the two domains you can download them at
http://dl.dropbox.com/u/1248159/incessantcoding.zip
http://dl.dropbox.com/u/1248159/nkmekal.zip
Why am I trying to do this:
So, the reason why I am trying to do this is that there are certain operations that I need to perform in the domain www.incessantcoding.com if there was a cookie created in www.nkmekal.com
And the reason for going with a 302 redirect is that we cannot read cross domain cookies and hence I am trying to get the cookies read from the appropriate domain only (since nkmekal.com can only read its cookies).
Any help/suggestions will be very helpful.
Update: Also quite interestingly, if steps 1 and 3 are performed (leaving out step 2), the cookie value is read in Firefox and Chrome correctly. Its only the 302 way that isn't working.
When saving up a cookie, the domain of the website is also being saved - this is made to avoid cross-domain data exchange - which means: once you save up a cookie from one host - it CANNOT be read from another whatsoever.
but, you can pass the cookie's data via the URL from your original host:
protected void Page_Load(object sender, EventArgs e)
{
HttpCookie cookie = Request.Cookies["DisCookie"];
if (cookie != null)
{
Response.Redirect("http://www.nkmekal.com/ReadCookie.aspx?data=" + cookie.Value);
}
else Response.Redirect("http://www.nkmekal.com/ReadCookie.aspx");
}
And then just usedata in ReadCookie.aspx.
I have finally figured out an alternative and it works just fine! Here is what I've did:
If nkmekal.com creates a DisCookie...I am issueing a 302 redirect to incesscantcoding.com with an encrypted token as a querystring value, then incessentcoding.com will create its own DisCookie based on the querystring value for its domain, so if I want to know if a cookie exists for nkmekal.com I will just look at the Cookies collection for a DisCookie in incessantcoding.com ... I tested this scenario and it seems to be working in both firefox and chrome...
AND later I figured that even google does similar thing when a user logs into one of their service websites...
Hope this helps...
来源:https://stackoverflow.com/questions/9188837/unable-to-read-cookies-in-firefox-chrome-via-302-redirect-but-works-in-ie