I'm having troubles with HttpWebRequest/HttpWebResponse and cookies/CookieContainer/CookieCollection. The thing is, if the web server does not send/use a "path" in the cookie, Cookie.Path equals the path-part of the request URI instead of "/" or being empty in my application. Therefore, those cookies do not work for the whole domain, which it actually does in proper web browsers. Any ideas how to solve this issue?
我遇到了HttpWebRequest / HttpWebResponse和cookies / CookieContainer / CookieCollection的麻烦。问题是,如果Web服务器不在cookie中发送/使用“路径”,Cookie.Path等于请求URI的路径部分而不是“/”或在我的应用程序中为空。因此,这些cookie不适用于整个域,它实际上在适当的Web浏览器中。任何想法如何解决这个问题?
Thanks in advance
提前致谢
3 个解决方案
#1
4
Ah, I see what you mean. Generally what browsers really do is take the folder containing the document as the path; for ‘/login.php’ that would be ‘/’ so it would effectively work across the whole domain. ‘/potato/login.php’ would be limited to ‘/potato/’; anything with trailing path-info parts (eg. ‘/login.php/’) would not work.
啊,我明白你的意思了。通常,浏览器真正做的是将包含文档的文件夹作为路径;对于'/login.php',它将是'/',因此它可以在整个域中有效地工作。 '/potato/login.php'将仅限于'/ potato /';任何带有尾随路径信息的部分(例如'/login.php/')都行不通。
In this case the Netscape spec could be considered wrong or at least misleading in claiming that path defaults to the current document path... depending on how exactly you read ‘path’ there. However the browser behaviour is consistent back as far as the original Netscape version. Netscape never were that good at writing specs...
在这种情况下,Netscape规范可能被认为是错误的,或至少误导声称路径默认为当前文档路径...取决于您在那里读取“路径”的具体程度。但是,浏览器行为与原始Netscape版本一致。 Netscape从来没有那么擅长编写规范......
If .NET's HttpWebRequest is really defaulting CookieContainer.Path to the entire path of the current document, I'd file a bug against it.
如果.NET的HttpWebRequest确实将CookieContainer.Path默认为当前文档的整个路径,我会针对它提出错误。
Unfortunately the real-world behaviour is not actually currently described in a standards document... there is RFC 2965, which does get the path thing right, but makes several other changes not representative of real-world browser behaviour, so that's not wholly reliable either. :-(
遗憾的是,现实世界中的行为实际上并没有在标准文档中进行描述......有RFC 2965确实让路径正确,但是其他一些变化并不能代表真实世界的浏览器行为,所以这并不完全可靠无论是。 :-(
#2
1
Seems like I cannot go any further with the default cookie handler, so I got annoyed and I did it the hard way. Haha. So parsing response.Headers["Set-Cookie"] myself is my solution. Not my preferred one but it works. And I simply eliminated the problem with splitting at the wrong comma using regular expressions.
好像我不能继续使用默认的cookie处理程序,所以我很生气,我很难做到。哈哈。所以解析response.Headers [“Set-Cookie”]我自己是我的解决方案。不是我喜欢的,但它有效。我只是使用正则表达式分解错误的逗号来消除问题。
If I could give out points here, I would give you some of them, bobince, because you gave me valuable information. I would also vote up if I could (need higher rep. score), but since this behavior probably is a bug, as you mentioned, I will accept that as an answer.
如果我能在这里给出分数,我会给你一些,因为你给了我有价值的信息。如果可以,我也会投票(需要更高的代表得分),但由于这种行为可能是一个错误,正如你所提到的,我会接受这个作为答案。
Thank you. :)
谢谢。 :)
#3
0
That's the way cookies work. ‘Proper’ web browsers do exactly the same, as originally specified in the ancient Netscape cookies doc: http://cgi.netscape.com/newsref/std/cookie_spec.html
这就是cookie的工作方式。 '正确'的网络浏览器完全相同,就像最初在古老的Netscape cookies doc中指定的那样:http://cgi.netscape.com/newsref/std/cookie_spec.html
Web apps must effectively always set a ‘path’ (often ‘/’).
Web应用程序必须始终设置“路径”(通常为“/”)。
#1
4
Ah, I see what you mean. Generally what browsers really do is take the folder containing the document as the path; for ‘/login.php’ that would be ‘/’ so it would effectively work across the whole domain. ‘/potato/login.php’ would be limited to ‘/potato/’; anything with trailing path-info parts (eg. ‘/login.php/’) would not work.
啊,我明白你的意思了。通常,浏览器真正做的是将包含文档的文件夹作为路径;对于'/login.php',它将是'/',因此它可以在整个域中有效地工作。 '/potato/login.php'将仅限于'/ potato /';任何带有尾随路径信息的部分(例如'/login.php/')都行不通。
In this case the Netscape spec could be considered wrong or at least misleading in claiming that path defaults to the current document path... depending on how exactly you read ‘path’ there. However the browser behaviour is consistent back as far as the original Netscape version. Netscape never were that good at writing specs...
在这种情况下,Netscape规范可能被认为是错误的,或至少误导声称路径默认为当前文档路径...取决于您在那里读取“路径”的具体程度。但是,浏览器行为与原始Netscape版本一致。 Netscape从来没有那么擅长编写规范......
If .NET's HttpWebRequest is really defaulting CookieContainer.Path to the entire path of the current document, I'd file a bug against it.
如果.NET的HttpWebRequest确实将CookieContainer.Path默认为当前文档的整个路径,我会针对它提出错误。
Unfortunately the real-world behaviour is not actually currently described in a standards document... there is RFC 2965, which does get the path thing right, but makes several other changes not representative of real-world browser behaviour, so that's not wholly reliable either. :-(
遗憾的是,现实世界中的行为实际上并没有在标准文档中进行描述......有RFC 2965确实让路径正确,但是其他一些变化并不能代表真实世界的浏览器行为,所以这并不完全可靠无论是。 :-(
#2
1
Seems like I cannot go any further with the default cookie handler, so I got annoyed and I did it the hard way. Haha. So parsing response.Headers["Set-Cookie"] myself is my solution. Not my preferred one but it works. And I simply eliminated the problem with splitting at the wrong comma using regular expressions.
好像我不能继续使用默认的cookie处理程序,所以我很生气,我很难做到。哈哈。所以解析response.Headers [“Set-Cookie”]我自己是我的解决方案。不是我喜欢的,但它有效。我只是使用正则表达式分解错误的逗号来消除问题。
If I could give out points here, I would give you some of them, bobince, because you gave me valuable information. I would also vote up if I could (need higher rep. score), but since this behavior probably is a bug, as you mentioned, I will accept that as an answer.
如果我能在这里给出分数,我会给你一些,因为你给了我有价值的信息。如果可以,我也会投票(需要更高的代表得分),但由于这种行为可能是一个错误,正如你所提到的,我会接受这个作为答案。
Thank you. :)
谢谢。 :)
#3
0
That's the way cookies work. ‘Proper’ web browsers do exactly the same, as originally specified in the ancient Netscape cookies doc: http://cgi.netscape.com/newsref/std/cookie_spec.html
这就是cookie的工作方式。 '正确'的网络浏览器完全相同,就像最初在古老的Netscape cookies doc中指定的那样:http://cgi.netscape.com/newsref/std/cookie_spec.html
Web apps must effectively always set a ‘path’ (often ‘/’).
Web应用程序必须始终设置“路径”(通常为“/”)。