How to handle multi value cookies in ASP.NET Core?
CookieManager wrapper allows you to play with objects. you can easily read/write object in asp.net core. it offers you to encrypt the cookie value to secure your data
check out: https://github.com/nemi-chand/CookieManager
Create your poco/object what you want to store in cookie.
public class MyCookie
{
public string Id { get; set; }
public DateTime Date { get; set; }
public string Indentifier { get; set; }
}
fill the object values
MyCookie cooObj= new MyCookie()
{
Id = Guid.NewGuid().ToString(),
Indentifier = "valueasgrsdgdf66514sdfgsd51d65s31g5dsg1rs5dg",
Date = DateTime.Now
};
set the myCookie object
_cookieManager.Set("Key", cooObj, 60);
get the myCookie object
MyCookie objFromCookie = _cookieManager.Get<MyCookie>("Key");
I believe that ASP.NET Core removed the support for the old legacy multi-value cookies because this feature was never standardized.
The RFC definition for cookies explicitly states that using the Set-Cookie
header you can assign a single name/value pair, with optionally metadata associated.
The official implementation of Values
property for .NET HttpCookie
is very brittle, and just serializes/deserializes key-value pairs to/from a string with separators &
for pairs and =
for values.
Mocking this behavior in ASP.NET core should be fairly easy, you could use extension methods to handle those legacy formatted cookies:
public static class LegacyCookieExtensions
{
public static IDictionary<string, string> FromLegacyCookieString(this string legacyCookie)
{
return legacyCookie.Split('&').Select(s => s.Split('=')).ToDictionary(kvp => kvp[0], kvp => kvp[1]);
}
public static string ToLegacyCookieString(this IDictionary<string, string> dict)
{
return string.Join("&", dict.Select(kvp => string.Join("=", kvp.Key, kvp.Value)));
}
}
Using them like this:
// read the cookie
var legacyCookie = Request.Cookies["userInfo"].FromLegacyCookieString();
var username = legacyCookie["userName"];
// write the cookie
var kvpCookie = new Dictionary<string, string>()
{
{ "userName", "patrick" },
{ "lastVisit", DateTime.Now.ToString() }
};
Response.Cookies.Append("userInfo", kvpCookie.ToLegacyCookieString());
Demo: https://dotnetfiddle.net/7KrJ5S
If you need a more complex serialization/deserialization logic (which handles formatting errors and escapes characters in cookie values) you should look and grab some code from the Mono HttpCookie implementation, which, I believe, is a little more robust.