使用 .net (C#) System.Net.Cookie 处理 cookie 值中的逗号
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1136405/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
handling a comma inside a cookie value using .net's (C#) System.Net.Cookie
提问by
I'm creating a client to visit a website and log in + do some tasks automatically, however they recently updated their cookies to (for whatever reason...) contain a comma inside their identification cookie.
我正在创建一个客户端来访问网站并登录 + 自动执行一些任务,但是他们最近更新了他们的 cookie(无论出于何种原因......)在他们的标识 cookie 中包含一个逗号。
So for example, the Cookie will have a value similar to this:
例如,Cookie 将具有与此类似的值:
a,bcdefghijklmnop
The problem is, according to msdnyou can't use a comma nor a period inside a cookie's value. What I'm looking for is a way around this limitation, some way to make .net's Cookie's work nice with the commas. I've found that the server does send a 'SET-COOKIE' header to the client and I'm guessing that's what is being parsed, but that also seems to obviously give special meaning to commans and semicolons as well (thus the limitation of the class inside .NET itself).
问题是,根据msdn,您不能在 cookie 的值中使用逗号或句点。我正在寻找的是一种解决此限制的方法,一种使 .net 的 Cookie 与逗号一起工作的方法。我发现服务器确实向客户端发送了一个“SET-COOKIE”标头,我猜这就是正在解析的内容,但这似乎也给命令和分号赋予了特殊的含义(因此限制.NET 内部的类)。
But then how does a browser such as IE, Firefox, etc... handle the cookie properly (as they clearly do, since the website works fine in any browsers I've tested it with.) Is there maybe a way to force this behaviour in .NET?
但是,IE、Firefox 等浏览器如何正确处理 cookie(正如他们显然所做的那样,因为该网站在我测试过的任何浏览器中都可以正常工作。)是否有办法强制执行此操作.NET 中的行为?
Any help would be appreciated, thanks.
任何帮助将不胜感激,谢谢。
--- EDIT ---
- - 编辑 - -
some additional information:
一些附加信息:
My code looks something like this:
我的代码看起来像这样:
request = (HttpWebRequest)WebRequest.Create(URI);
request.CookieContainer = Program.client.cookieJar;
Where cookieJar is defined in Program.client as:
其中 cookieJar 在 Program.client 中定义为:
CookieContainer cookieJar = new CookieContainer();
When i loop through and print out all the cookies in the CookieContainer, I get something like this: (cookies, in the format: "name" -> "value")
当我循环并打印出 CookieContainer 中的所有 cookie 时,我得到如下内容:(cookies,格式为:“名称”->“值”)
"normal_cookie" -> "i am the value"
"messedup_cookie" -> "a"
"bcdefghijklmnop" -> ""
// What I should get is this:
"normal_cookie" -> "i am the value"
"messedup_cookie" -> "a,bcdefghijklmnop"
The core of the problem seems to be that commas and semi colons are reserved characters in the SET-COOKIE header string...but then how do browsers handle this? I can probably parse the string myself but I don't know how to get around situations such as this one: (HTTP header, in the format: "name" -> "value")
问题的核心似乎是逗号和分号是 SET-COOKIE 标头字符串中的保留字符……但是浏览器如何处理呢?我可能可以自己解析字符串,但我不知道如何解决这种情况:(HTTP 标头,格式为:“名称”->“值”)
"Set-Cookie" -> "messedup_cookie=a,bcdefghijklmnop; path=/; domain=.domain.com; expires=Sat, 15-Aug-2009 09:14:24 GMT,anothervariable=i am the value;"
As you can see, the expires section looks for a comma instead of a semicolon to differentiate itself from the next variable. As far as I can tell, it's in the format:
如您所见, expires 部分查找逗号而不是分号,以将其与下一个变量区分开来。据我所知,它的格式是:
cookie1_var1=value; cookie1_var2=value,cookie2_var1=value; cookir2_var2=value
But if that's true, is there an elegant way to deal with commas that may occur inside one of the values?
但如果这是真的,是否有一种优雅的方法来处理可能出现在其中一个值中的逗号?
回答by Andrew La Grange
To handle the cookie, since a cookie is essentially a string, you may like to try URL Encoding the cookie value before setting it, and then Decoding it when you pull out the value.
对cookie的处理,由于cookie本质上是一个字符串,所以你可能想在设置之前先对cookie值进行URL Encoding,然后在取出值时Decoding。
i.e.:
IE:
Response.Cookies["Value1"] = Server.UrlEncode(sCookieValue);
and similarly:
同样:
string sCookieValue = Server.UrlDecode(Request.Cookies["Value1"]);
回答by Seb Nilsson
According to the following article, you should consider UrlEncode and UrlDecode for storing values in cookies.
根据以下文章,您应该考虑使用 UrlEncode 和 UrlDecode 在 cookie 中存储值。
private void SetCookie()
{
HttpCookie cookie = new HttpCookie("cookiename");
cookie.Expires = DateTime.Now.AddMonths(24);
cookie.Values.Add("name", Server.UrlEncode(txtName.Text));
Response.Cookies.Add(cookie);
}
private void GetCookie()
{
HttpCookie cookie = Request.Cookies["cookiename"];
if (cookie != null)
{
txtName.Text = Server.UrlDecode(cookie.Values["name"]);
}
}
Don't ever HTML encode a cookie in ASP.NET!It results in a yellow screen of death and an exception stating that the cookie contains dangerous characters.
永远不要在 ASP.NET 中对 cookie 进行 HTML 编码!它会导致黄屏死机和一个异常,指出 cookie 包含危险字符。
MSDN also has an articleon the subject.
ASP.NET does not encode or unencode cookies in UrlEncode format by default. As a result, you may encounter unexpected behavior in ASP.NET applications.
默认情况下,ASP.NET 不会以 UrlEncode 格式对 cookie 进行编码或取消编码。因此,您可能会在 ASP.NET 应用程序中遇到意外行为。
