How to handle multi value cookies in ASP.NET Core?

CookieManager wrapper allows you to play with objects. you can easily read/write object in asp.net core. it offers you to encrypt the cookie value to secure your data

check out: https://github.com/nemi-chand/CookieManager

Create your poco/object what you want to store in cookie.

public class MyCookie
{
  public string Id { get; set; }

  public DateTime Date { get; set; }

  public string Indentifier { get; set; }
}

fill the object values

MyCookie cooObj= new MyCookie()
{
  Id = Guid.NewGuid().ToString(),
  Indentifier = "valueasgrsdgdf66514sdfgsd51d65s31g5dsg1rs5dg",
  Date = DateTime.Now
};

set the myCookie object

_cookieManager.Set("Key", cooObj, 60);

get the myCookie object

MyCookie objFromCookie = _cookieManager.Get<MyCookie>("Key");

I believe that ASP.NET Core removed the support for the old legacy multi-value cookies because this feature was never standardized.

The RFC definition for cookies explicitly states that using the Set-Cookie header you can assign a single name/value pair, with optionally metadata associated.

The official implementation of Values property for .NET HttpCookie is very brittle, and just serializes/deserializes key-value pairs to/from a string with separators & for pairs and = for values.

Mocking this behavior in ASP.NET core should be fairly easy, you could use extension methods to handle those legacy formatted cookies:

public static class LegacyCookieExtensions
{
    public static IDictionary<string, string> FromLegacyCookieString(this string legacyCookie)
    {
        return legacyCookie.Split('&').Select(s => s.Split('=')).ToDictionary(kvp => kvp[0], kvp => kvp[1]);
    }

    public static string ToLegacyCookieString(this IDictionary<string, string> dict)
    {
        return string.Join("&", dict.Select(kvp => string.Join("=", kvp.Key, kvp.Value)));
    }
}

Using them like this:

// read the cookie
var legacyCookie = Request.Cookies["userInfo"].FromLegacyCookieString();
var username = legacyCookie["userName"];

// write the cookie
var kvpCookie = new Dictionary<string, string>()
{
    { "userName", "patrick" },
    { "lastVisit", DateTime.Now.ToString() }
};
Response.Cookies.Append("userInfo", kvpCookie.ToLegacyCookieString());

Demo: https://dotnetfiddle.net/7KrJ5S

If you need a more complex serialization/deserialization logic (which handles formatting errors and escapes characters in cookie values) you should look and grab some code from the Mono HttpCookie implementation, which, I believe, is a little more robust.

Tags:

C#

Cookies

Asp.Net Core

Recent Posts