Cookies in ASP.NET Core rc2 - cookies

Can someone pls explain how to store and get cookies in an ASP.NET Core rc2 application? I can only find outdated information about the old HttpContext.Response.Cookies.Get and Add methods, neither of which still exist in Core. Also, the HttpCookie class doesn't seem to exist either.
What is the new cookie class and how can I get and add one?
(Note: I am not specifically taking about authentication cookies, just general data cookies)

For getting request cookie value:
HttpContext.Request.Cookies["<key>"]
Setting response cookie:
HttpContext.Response.Cookies.Append("<key>", <value>, <options?>)

Related

prestashop cookies exceed 4ko

I have a problem with a prestashop project.
prestashop creates cookie that exceed the maximum size authorized (4ko)
I have no idea which module or controller or something create that cookie.
Can you help me to make these cookies smaller or find which controller created these?
Cookie: cp-popup-last-displayed=1662364477; axeptio_cookies={%22$$token%22:%22borew4apbudam6j1zuean%22%2C%22$$date%22:%222022-05-05T07:44:01.399Z%22%2C%22$$completed%22:true%2C%22google_analytics%22:true%2C%22Google_Ads%22:true%2C%22GoogleRemarketing%22:true%2C%22facebook_pixel%22:true%2C%22SendinBlue%22:true}; axeptio_authorized_vendors=%2Cgoogle_analytics%2CGoogle_Ads%2CGoogleRemarketing%2Cfacebook_pixel%2CSendinBlue%2C; axeptio_all_vendors=%2Cgoogle_analytics%2CGoogle_Ads%2CGoogleRemarketing%2Cfacebook_pixel%2CSendinBlue%2C; PrestaShop-d354edfaf436c62a4b18afdcf0ba8174=def50200037b619c0f48c9bbe9df1ef54df14feddd5b02b2da0fca4ac01f3f6f914c5a09976366a5f85290dc5ab81a5a1d5cea42fe8febec03b3b5add5f7886c9f248d93262d3417cb06c0c72bf1bd6d6f618793ba9e8ce72ec073ac37b4a03d0948348680517e6fa8e8356e0651295849031d830d259edbc91f938374520f1ecec10e3c55b3d06bb02800a1aecf2cb4b25e0ed6d30c8335af50d973eb108e59381f609e00b06225889067b32eb204f4baa1da510eb726e35b3d905228373faefb2576259511e6f9a18036652bcd11057c9d3a94e203fbf332cee90403cde93c8ab92de56451a97c1f9f9095e7f9272bffbe0271bd6a7dab673bcf8a11b4db326e1f81089eb928e1737e5ea197c5dbf29aaf48271254461fe1d45b29bcf1f88162084230b42a1904de56b0d4f706500a1b51cd4d7ecdf9253ab5389bbf4d239bafc3b656e626e023a0bd00a0f310e862bd4679616b2c27380aeb09a6909b7e5f35020ca7b2d176f3d54d33f70bcde04446e2e6f115733cab9ed8ff6deae795b3eff5794d625bba6938a8d6a6346b9a3a5ac5776995b848a6dab478ba8905099310499ab58b49b552d874bc15e4619fcd4585525ab59aec7808e94db85e42e04f2504ba22460bda6f025de226e375b7857075bb11d66d05e6d8ec8973aeac9fe1b365c8d22a4a2f77d365f594ae741b4b64f76ddeb908488a7d2bd92f33e455c8568ba5485aa49eb60efc900ed43a581b38745e0316691667e31ca1a1af77175b8e6d0cf8ef9cd3ce3b1e7b4d54663b22c47ad62830d61cee15bd014d528653ff2e2817fecd44a684d7644d70f4ec655469a17a1ab4922127f1e8a415efc06de2a243629e83387f93840edc380a2ca27e96fe7a4ac35c15230b451bb9292671d5592bde1d41f19db1bcae56a746d381ae2c9aa8bb60689f59815edd7a5bcdd660e1bad20d2faba09ec5da28d41d34b0d36aea05af5983e35c0698076c1f1c77d3aab09213631b352d6a96b013eeba9cea8dfb86698ca6694c0e5d5b3d571522b655b5d723d9478e809eee94a31cb2da50f171d2f324e83ee45e525f3ba35c8daffc129cf9619941f5db45e3441fdb269e38f1b183dc6ccac57da33355e0402b9f35c5d7dd98863c46e3aa84e9845a05d655894de821657a96251c446c307a1895afef9cce39ac32a86a9f20b88215d3e9566ddf3857a04fb0d5956ce3ab2e8d0f2aec0527d8533d581a4208109a64d4349867a7059c3b6f0b932da84b260131d56086b8517c870d7521f9dad6368488ada79f28d44e27f672ca752f635bff12d962440223023cc775217aea8224c97212cb740c69d4bc297db262590d9c1b64e78cfa0441dd19b4c1af52dbf8c3d00e7f550b43ae37458e5c1e618992ddcc84cec86a83dc24e4ac85217aa33908724e3bf91e6e2c858b234865733f6ca26cc243ac4bb5e64c16f913536bbd6c027b47d21984616d4ea3b7fca4a759c5fb80f8ac7dc42b5544aa3b4f18e0730bb23849b2a2e6311c56d3ba47f7ff009742c77a86be4399c13e53fa6c81aa7b850e077ad35fb5956873290a6baf117bf7664f89d052af42ef00a7b9eda813593957b3ad24ba9b3c93f1181b7ba690f8a84e3569b472c77ce9a55dd4695372b1ace2e512468ba486072c5f6a07933d145ecad542ce255bc2850e62d531358bc96015f4a3bd708c27e0a918af508298628bbff566403f0785145958f1fdd490d0a356034b71c305a27da3f1316cf5f9516c0006f02bd8b52906f45f5794f20483be4e244adc3a80f8c2efa086e8604369b80c273acc53214b9ebf4ef64161e316a8efdc1bc5d5ab99a01a54261943bf673d821e89f9090f18b557c5b0a2bcd05e01cb9070c31cccb412c6599cbcec96bed2d32a0ee83a6fce774a41c76581b5c8204a65d6baf7491a74dc15b75b4ee2e7cf749afccb53659e1f3c60646fbf3aaf2bac3c08a0cce15ce9b8d48b2bb5de7b349c265840d1c85b037c38490b8b6e808a2e4619a1c745af2780e539c7a70ee3e9ecdba7f2f0e03160df2d46c8fad58df6bf38b77cce9645251e3de3ee065a01a85ae55ffe13e60b9a01b564e112c9c04114d6b443bf19d4ddaa8fa32033d38f93991d9fad5b14e3bb5fc15e3feddfa2498ace541e2740abc3953d6b75dde3353c51c9381a9f3a1291e98790846c2b12fb3f9385ea54598ae5bc6eba04ffd912a7d92f96555283970af4a059ee2f07461690ffffae803a2db4cfb20d7e45083a68fc05866a228684bf44223115a9c7dbe7399fe3fa8a78223c986fb6f5cf5072bc05d4a7dbf737f9e7710e46eb8169b84e8e2263317722e32bd2c4a83374f52cc587d360d346e61b44065204578c6c437823b15f3debda8a7fc0cc892572a2874a39fe512aa7070706a2fb55cbf99201a2ae497b0db8fc3689b74fcd30159f2058615469cd806a8c0ac844667ed8e3e6416050922b03267ad0f299f459532ba68a83264cf892490125117f9b87b658f71d45f848c5410382d741414e79ade6fe76d119a3154e3328fb2b718843ead84aaa05782a253f5505fc7594651d7cec185db9977557737457f3a1ca47ded851cfa197e0f166cdbb6be355eefe4fa51f51bd739978c572e20d260f1ac12c84f80adc687c07a4e8b3b71f85157f50aa76e63b7b4b6da7d740803bf0ec; PHPSESSID=8oeegu4ns8ok86aef2jachr6ml; cp-popup-61=1662364312; cp-popup-63=1662364477; PrestaShop-1875e1269d17c82b34ad3c945ac1416b=def5020083410fcc06100fa0c68af8872e5b28e51d69a3292cd674097c05d91dc4827e2c0219ed776dbc3593f528c3661982864e828f5517abf7e44fc8983a858424916eb151ecc75b32fe8fe56ebb5ad2ef8f49e4d8c946c59d99c0bf72d257b49b12b53270cf2445c69ba717249fca06c1f25d6023574246a1ce0c9de0f0e92fb18362eb7eab4974b9060c6941db0e535b9f872ae7612d4ed0fcc1e34673b585e991f65734367b87b0d2a1a7883471446a60519f4412a5efcd50794b67ce9deb437315fa02c121f12ecfe5010d8cab908ce9c1c1ee0609f2364bea2d266eb9bdd62c9b1334c7931192629656fa240964b84810c08511fb31c01ad2f925631717828540db31671c54d3c5199e57c1f048b8824916239c3736e170c724367eaed5cd0341c9e20c401243d176e9fd2c3ec3cb0027cf2aeedcb7c4411df63899ed6457678ef55bd5ee92ea023fff25179a82db5b666dd78086decd655c0c2a3549cf62b7b316c9415a543a99e0857f31c10fbaa31f7e213698e1fea87bcbefb0bcd65258fe542223f0e405d2e8d36fe06e15b7960db99dd64ce420ab23e00e257f4296a2b48b1f9ed929ed3e46f38c9322ab7ce2187a7edf4f43c963c83cd905a15ffb13174e92ce3d4f03f18bb90b8084bd18d0666e41d3f62a9bc64985f4ff1f9a05bd57bb139de12fcd851cc1ffb13cefcbf1
Prestashop Cookie is being encrypted when sent to client
(see your PrestaShop-d354edfaf436c62a4b18afdcf0ba8174=def50200037b619c0f4...
is the whole encypted cookie content)
You'll have to debug this "server side" by checking the Cookie.php class and dumping the $cookie object in the _setcookie() method
before it getting encrypted.
It is probably because of the Last viewed module. This product stores too many modules inside the Cookie. Do you use this module?

JMeter 5.4.1 Cookie Manager - User-Defined Cookie not added to request's cookies

Firstly, I did add the line CookieManager.check.cookies=false to jmeter.properties.
What I'm Trying to Do
I want to add a cookie to a request's existing cookies.
For example, I see the request has [edited]:
Cookie Data:
c1=sfasfsfsfsfs; c2=erqwerqwrr; c3=poiuopiupoi
Expected Results
I would like it to have:
Cookie Data:
c1=sfasfsfsfsfs; c2=erqwerqwrr; c3=poiuopiupoi; partner=favicon.ico
Here is what I tried:
BASE_URL_2 is a variable defined in the form qa.company.com.
Actual Results
Whatever I have tried so far has not made any change in the cookies.
What else shall I try?
Underlying Motivation
Recorded a Web session and played it back.
Added a RegEx Extractor to pull out a token and then added it to subsequent requests. That helped.
However, certain requests failed with an custom application exception Security violation, please refresh.
Probably session login state is not being passed, so the website thinks the call is "stale".
I've seen this on the GUI when the session expires and you try to click a button on the site.
On comparing the cookies seem in JMeter with what I saw in the Chrome Debugger, it was clear that there were more cookies in the running application than what I had in JMeter.
Are you sure you're using HTTPS protocol because if you have secure flag and using HTTP protocol - the cookie will not be sent.
Also remove = from partner= otherwise you will end up with partner==favicon.ico
Demo:
More information:
Using HTTP cookies
HTTP Cookie Manager Advanced Usage - A Guide

Is there any way to pass cookie to IWebBrowser2 navigate

Is there any way to pass cookie to IWebBrowser's Navigate method.
As far as I can see neither passing Cookie header in headers nor InternetSetCookie/InternetSetCookieEx works with IE11.
The only working method I found is to set cookie via put_cookie of IHTMLDocument2, but for that you have to load page first.
Is there any way to pass cookie to first call of Navigate?
You could try IESetProtectedModeCookie if you are interacting with low-integrity browser controls. This still has limitations as noted in this cookie FAQ:
IE10+ on Windows 8+ introduced Enhanced Protected Mode which uses
AppContainers (rather than Integrity Levels) for isolation. EPM does
not offer an API for interacting with cookies;
IESetProtectedModeCookie will not set the cookie inside an
AppContainer.
Creating AppContainers is not documented so I assume your process is not running in a AppContainer?
This newsgroup thread confirms that you cannot set a cookie in the headers:
In case anybody is interested, I went through Microsoft support to
find out more about this. Their answer: what I want to do is not
supported. The 'headers' argument to Navigate/Navigate2 CANNOT be
used to set cookies.
I'm guessing that refreshing the page after put_cookie is unacceptable?

ExtJS 4.0 cannot read connect.sid from cookie

I try do develop a web application with ExtJs 4.0.
On startup the application sends a request to a server. This server sends a response. The responses' header contains Set-Cookie:"connect.sid=foobar"
When I look into the preferences of my browser, I can see that the cookie was created correctly.
My problem is that somehow I cannot access this cookie in my ExtJs application and I don't know why.
I tried to retrieve it with the following methods:
document.cookie.split(";")[0]
Ext.state.Manager.get("connect.sid"); => of course I initialized the state manager with a cookie provider
Ext.util.Cookies.get("connect.sid");
No matter which method I use, I get always undefined as return value
I hope somebody can help me, because I really don't understand why it does not work.
Thanks in advance.
Finally I found the problem.
The httpOnly flag was set in the response header. Therefore the cookie was not accessible for java script.

Getting a list of cookies set using WatiN

Is there a way to get a list of all the cookies set by a website using WatiN?
The IE Browser class in WatiN provides a GetCookie method that allows you to retrieve a specific cookie, but I would like to iterate over all the cookies that have been set.
There are two methods that should allow you to get the cookies:
CookieCollection cookies = _browser.GetCookiesForUrl(new Uri(url));
and
CookieContainer cookies = _browser.GetCookieContainerForUrl(new Uri(url));
But both of these are empty. Also calling the GetCookie method for a specific cookie returns null.
Any suggestions of how to get this to work?
Recently I had to deal with this situation. At first I thought the cookies I was looking for were HttpOnly, but I took a look using WireShark and there was no HttpOnly flag.
Not sure why GetCookieContainerForUrl fails in this case, but a client side script call revealed the cookies were still there:
ie.Eval("document.cookie");
You might want to try that statement before resorting to packet sniffing every time.
Well, I suppose those methods should work as expected, but maybe you are trying to get HttpOnly cookies? Many sites/web frameworks sets this flag for important cookies, especially when it comes to "session id" cookies. You can't read them in WatiN and it's really hard to read them at all. I was looking for solution once and only one I got was article: Retrieve HttpOnly Session Cookie in WebBrowser
If you want to know if the site you are trying to get cookies is setting HttpOnly flag on the cookie, use Fiddler2 and look in response headers.