handling a comma inside a cookie value using .net's (C#) System.Net.Cookie

ぐ巨炮叔叔 提交于 2019-12-18 03:29:04

问题


I'm creating a client to visit a website and log in + do some tasks automatically, however they recently updated their cookies to (for whatever reason...) contain a comma inside their identification cookie.

So for example, the Cookie will have a value similar to this:

a,bcdefghijklmnop

The problem is, according to msdn you can't use a comma nor a period inside a cookie's value. What I'm looking for is a way around this limitation, some way to make .net's Cookie's work nice with the commas. I've found that the server does send a 'SET-COOKIE' header to the client and I'm guessing that's what is being parsed, but that also seems to obviously give special meaning to commans and semicolons as well (thus the limitation of the class inside .NET itself).

But then how does a browser such as IE, Firefox, etc... handle the cookie properly (as they clearly do, since the website works fine in any browsers I've tested it with.) Is there maybe a way to force this behaviour in .NET?

Any help would be appreciated, thanks.

--- EDIT ---

some additional information:

My code looks something like this:

request = (HttpWebRequest)WebRequest.Create(URI); 
request.CookieContainer = Program.client.cookieJar;

Where cookieJar is defined in Program.client as:

CookieContainer cookieJar = new CookieContainer();

When i loop through and print out all the cookies in the CookieContainer, I get something like this: (cookies, in the format: "name" -> "value")

"normal_cookie" -> "i am the value" 
"messedup_cookie" -> "a" 
"bcdefghijklmnop" -> "" 

// What I should get is this: 
"normal_cookie" -> "i am the value" 
"messedup_cookie" -> "a,bcdefghijklmnop" 

The core of the problem seems to be that commas and semi colons are reserved characters in the SET-COOKIE header string...but then how do browsers handle this? I can probably parse the string myself but I don't know how to get around situations such as this one: (HTTP header, in the format: "name" -> "value")

"Set-Cookie" -> "messedup_cookie=a,bcdefghijklmnop; path=/; domain=.domain.com; expires=Sat, 15-Aug-2009 09:14:24 GMT,anothervariable=i am the value;"

As you can see, the expires section looks for a comma instead of a semicolon to differentiate itself from the next variable. As far as I can tell, it's in the format:

cookie1_var1=value; cookie1_var2=value,cookie2_var1=value; cookir2_var2=value

But if that's true, is there an elegant way to deal with commas that may occur inside one of the values?


回答1:


According to the following article, you should consider UrlEncode and UrlDecode for storing values in cookies.

private void SetCookie()
{
    HttpCookie cookie = new HttpCookie("cookiename");
    cookie.Expires = DateTime.Now.AddMonths(24);
    cookie.Values.Add("name", Server.UrlEncode(txtName.Text));
    Response.Cookies.Add(cookie);
}

private void GetCookie()
{
    HttpCookie cookie = Request.Cookies["cookiename"];
    if (cookie != null)
    {
        txtName.Text = Server.UrlDecode(cookie.Values["name"]);
    }
}

Don’t ever HTML encode a cookie in ASP.NET! It results in a yellow screen of death and an exception stating that the cookie contains dangerous characters.

MSDN also has an article on the subject.

ASP.NET does not encode or unencode cookies in UrlEncode format by default. As a result, you may encounter unexpected behavior in ASP.NET applications.




回答2:


To handle the cookie, since a cookie is essentially a string, you may like to try URL Encoding the cookie value before setting it, and then Decoding it when you pull out the value.

i.e.:

Response.Cookies["Value1"] = Server.UrlEncode(sCookieValue);

and similarly:

string sCookieValue = Server.UrlDecode(Request.Cookies["Value1"]);


来源:https://stackoverflow.com/questions/1136405/handling-a-comma-inside-a-cookie-value-using-nets-c-system-net-cookie

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!