#StackBounty: #node.js #cookies #https setting up https cookie in nodejs

Bounty: 200

I am trying too setup a login system on my website.

Heard that nodejs cookies are a good way to do that.

Here:
https://stackoverflow.com/a/21809393/322537 I have found an example of how https servers are created.
It is my understanding that the createServer function should run every time a client makes a request.

So I have the following in my code:

var server_https=modules.https.createServer({
    key: this.ssl_key,
    cert:this.ssl_cert
    },this.respond_to_client).listen(this.port);


mconnection.prototype.respond_to_client=function(request,response){
    console.log('responded to client');
    }

The server appear to run fine as the website is up and running.
But the respond_to_client function appears to never run as nodejs’s log file never indicates the ‘responded to client’ string.

How could that be?
Could it have something to do with that I’m upgrading the https server to a websocket shortly later in the code?

update:
here is the server file:
https://openage.org/s.js
here is the connection module:
https://openage.org/c.js

and here is the chat program the are serving
https://openage.org/chat/14/?page=index

The plan is to then make cookies to identify clients and then to setup a login system. But I’m stuck at this. /:


Get this bounty!!!

#StackBounty: #reactjs #asp.net-core #cookies #identityserver4 Authentication cookie disappears in react SPA after some time

Bounty: 50

We have an SPA, written in React together with ASP.net core for hosting.

To authenticate the app, we are using IdentityServer4 and use a cookie. The client is configured according to the sample, described here: https://github.com/IdentityServer/IdentityServer4/tree/main/samples/Quickstarts/4_JavaScriptClient/src

For authenticating a user, everythings works fine. It will be redirected to the login page. After signing in, redirection to the SPA is done. The authentiation cookie is set as expected with:

  • HttpOnly = true
  • Secure = true
  • SameSite = None
  • Expires / Max-age = one week from login time

In the ASP.net core project for the SPA, in Startup.cs, data protection is also configured as:

services.Configure<CookiePolicyOptions>(options =>
{                                                        
  options.CheckConsentNeeded = context => false;
  options.MinimumSameSitePolicy = SameSiteMode.None;
});

services.AddDataProtection()
  .PersistKeysToFileSystem(new DirectoryInfo(_sharedAuthTicketKeys))
  .SetApplicationName("SharedCookieApp");

Our issue:

After about 30 minutes, the authentication cookie (and only that, other remains) is disappearing from the browser automatically. Then the user has to sign in again. Why does this happen together with the SPA?

In another MVC application, the user has to sign in again when the cookie expires, as expected.

Update

In the meantime I discovered that the cookie, while requesting https://ourdomain/.well-known/openid-configuration after 30 minutes idle time, has lost the values of Domain, Path, Expires/Max-Age, HttpOnly, Secure and SameSite.None. Those values have definitely been set after signing in.
The response cookie has the value of Expires/Max-Age set to a time in the past and therefore the cookie will be dropped by the browser.
Network traffic

Has anyone an idea, why those values got lost after some time?


Get this bounty!!!

#StackBounty: #nginx #reverse-proxy #http #cookies #headers Removing one cookie in proxy_pass of nginx

Bounty: 50

I’m trying to proxy_pass the whole request coming to my nginx to certain base URL to another upstream server removing server cookie. All other cookies, HTTP headers, the URL itself should be kept as is, sent to the upstream and response passed back to my client.

So far what I have tried is following this guide on nginx forum. Here is how my location directives look like:

set $new_cookie $http_cookie;

if ($http_cookie ~ "(.*)(?:^|;)s*server=[^;]+(.*)") {
  set $new_cookie $1$2;
}

location  ~ ^/d/application(.*)$ {
  # here we serve this from another container running locally, no proxy_pass
  resolver 127.0.0.11;
  proxy_pass         http://application:8080/d/application$1;
  proxy_redirect     off;
  proxy_set_header   Host $host;
}

location  ~ ^/d/(.*)$ {
  # any other URL NOT starting with /d/application we would like to proxy_pass to another backend and remove server cookie
  resolver 127.0.0.11;
  proxy_pass         https://anotherapp.mydomain.com/d/$1;
  proxy_redirect     off;
  proxy_set_header Cookie $new_cookie;
  proxy_set_header   Host $host;
}

The problem. Now for just one request to /d/somethingelse the logs look like this:

proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 101 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 400 106 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 2020/04/17 09:56:45 [error] 9#0: *10 upstream sent too big header while reading response header from upstream, client: 10.18.6.15, server: , request: "GET /d/somethingelse HTTP/1.1", upstream: "https://10.18.16.1:443/d/somethingelse", host: "anotherapp.mydomain.com"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 502 568 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 502 568 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 502 568 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 502 568 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
proxy_1        | 10.18.6.15 - - [17/Apr/2020:09:56:45 -0400] "GET /d/somethingelse HTTP/1.1" 502 568 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"

UPDATE: adding

      proxy_buffer_size          128k;
      proxy_buffers              4 256k;
      proxy_busy_buffers_size    256k;

to the location with proxy_pass removes the too big header error, but still there are many requests sent to the upstream at the same moment for just one request from the browser

Now I’m struggling with just the forwarding to the upstream host. If I comment out proxy_set_header Cookie $new_cookie; and cookie regexp and setting $new_cookie, I’m still seeing many requests to the upstream.

Added proxy_ssl_verify off; to the second location – still seeing the same issue.


Get this bounty!!!

#StackBounty: #session #asp.net-core #cookies #tempdata TempData Cookie Issue. The size of the request headers is too long

Bounty: 50

In Controller, I save a collection of errors into cookies via TempData

var messages = new List<Message>();
...
TempData.Put("Errors", messages);

TempData.Put is an extension method

public static class TempDataExtensions
    {

        public static void Put<T>(this ITempDataDictionary tempData, string key, T value) where T : class
        {
            tempData[key] = JsonConvert.SerializeObject(value);
        }

        public static T Get<T>(this ITempDataDictionary tempData, string key) where T : class
        {
            tempData.TryGetValue(key, out object o);
            return o == null ? null : JsonConvert.DeserializeObject<T>((string)o);
        }
    }

When HTML is loaded, I see

enter image description here

and several cookies were created (Chrome Developer Tools > Application > Storage > Cookies)

enter image description here

The issue I think, is that total size of Cookies is hitting some Cookie Size limit somewhere.

So I have two questions :
Is it possible to change the cookie size limit (in web.config for example) ?
Is it possible to use session instead of cookies for TempData ?

I tried the second approach and if I change the startup.cs file

\ ConfigureServices method

services.AddMvc()
   .SetCompatibilityVersion(CompatibilityVersion.Version_2_1)
   .AddSessionStateTempDataProvider();

services.AddSession();

\ Configure method

app.UseSession();

app.UseMvc(routes =>
{
     routes.MapRoute(
     name: "default",
     template: "{controller=Home}/{action=Index}/{id?}");
});

The TempData are still using Cookies, do I forgot some setting somewhere ?


Get this bounty!!!

#StackBounty: #express #cookies #safari On Safari, cookies are not saved when sent with redirect

Bounty: 50

I have implemented an OAuth2 client, in which the first step is to send a user to the relevant 3rd party (facebook for this example), I set them a state cookie, and when they return from facebook I validate that state cookie.

In Chrome, everything is great. When I send the user to the redirect URL, I can see (using inspect element) that they have the state cookie I set.
However, when I try on (desktop) safari on latest MacOS, I don’t see that cookie.

I set the cookie in the response for my redirect request:

res.cookie('state', state.toString(), {
  maxAge: 3600000,
  secure: true,
  httpOnly: true,
});
res.redirect(someRedirectUri);

How can I get those cookies to be saved on Safari as well? Am I just setting the cookies wrong?


Get this bounty!!!

#StackBounty: #nginx #reverse-proxy #java #cookies Intercept location response to extract a cookie

Bounty: 50

I’m working on a project using nginx as reverse proxy and I’m trying to intercept a response from a specific location in order to extract a cookie and save it in a database.

I’m able to listen a location and verify the validity of a token added as a header. I’m using Java to handle this. SO what I’m trying to do now is to intercept the response and extract a specific cookie. Otherwise extracting only the cookie without intercepting the response.

Thank for your help.


Get this bounty!!!

#StackBounty: #cookies #asp.net #web-authentication #session Why are ASP.NET form authentication cookies deleted only on client side if…

Bounty: 50

ASP.NET documentation says:

FormsAuthentication.SignOut()

Removes the forms-authentication ticket from the browser

Why is the cookie not invalidated at the server as well? It would be easy to implement. After all this code runs at the server. In fact it’s easier to implement on the server because the server trusts itself, whereas clearing the cookies on the client requires cooperation by the client. What if the client fails to cooperate by error or maliciously? What then?

I tested this code and it does what it says. It removes the cookie on the browser, and it leaves the server side cookie valid. I took a copy of the cookie prior to signing out, and then signed myself back in with that cookie without providing username and password.

So what’s the worse that could happen? This:

  1. Bob is logged in and saves his session cookie to notepad
  2. Administrator wants to revoke Bob’s access immediately and sets a flag that triggers FormsAuthentication.SignOut() on the next web request from Bob. The administrator also changes Bob’s password.
  3. Bob’s browser reacts to SignOut() by clearing his cookie and he is signed out imediatelly. Bob sees a message “you have been signed out”, he tries to hit the back button but he is really signed out. He can’t get back in. He tries logging in with his username and password, but it says his password is invalid.
  4. Administrator watches server logs and sees that SignOut() was executed successfully.
  5. Bob uses saved session cookie to log back in (and is allowed). He continues working on the system indefinitely.

Isn’t this a bad thing? Is this just ASP.NET or do other frameworks do it this way?


Get this bounty!!!

#StackBounty: #javascript #express #cookies #session-cookies #http-status-code-400 How to Avoid throwing 400 errors from ExpressJS

Bounty: 50

Background: I am getting 400 errors (and a blank 400 page response) from a malformed cookie on my site (coming from one of my affiliate pages). I have wrote a code to delete the cookie, but some of my customers still get an error because it’s in their cache. Once they clear their cache the problem is fixed.

This issue is circumvented all together in my .NET code base by simply ignoring a 400 error, I would like to do the same in Express JS.

Ask: I would like to have express ignore all cookies on a 400 error (often caused by defective cookies) or to at least ignore the error all together. Is there any way to do this?

My ClearDefectiveCookies function for reference (functioning correctly)

const clearDefectiveCookies = (req, res, next) => {
  const cookies = req.cookies;
  const defectiveCookies = Object.keys(cookies).filter(key => typeof cookies[key] === 'string' && (cookies[key].charAt(0) === '='));

  if (defectiveCookies.length > 0) {
    defectiveCookies.forEach(defectiveCookie => {
      res.clearCookie(defectiveCookie);
    });
  }

  next();
};

Problematic Cookie for Reference

Name: xyz_123 and value: =NaN=xyz=123


Get this bounty!!!

#StackBounty: #cookies Why does it say: 'Cookies are blocked or not supported'?

Bounty: 50

There are many many many many pages about this issue (and I could keep going).

For those who just came here for a solution, then it is:

1) Just try and refresh the page.

2) Try putting this in your wp-config.php

define('ADMIN_COOKIE_PATH', '/');
define('COOKIE_DOMAIN', '');
define('COOKIEPATH', '');
define('SITECOOKIEPATH', ''); 

3) Or try putting this in your wp-config.php

define('COOKIE_DOMAIN', $_SERVER['HTTP_HOST'] );

4) Or putting this in your functions.php:

setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
if ( SITECOOKIEPATH != COOKIEPATH ) setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);

BUT…

I can find no one explaining why it happens? I’m experiencing it on my local development environment, but I want to ensure that it doesn’t happen when I push to production.

Why is it, that that error occurs? … And why is it, that a simple refresh can bypass it?


Get this bounty!!!

#StackBounty: #c# #google-chrome #cookies Chrome cookie not up-to-date

Bounty: 50

In my Winforms project, I can get a cookie of a site opened in IE by the following method :

InternetGetCookie("mysite.com", "mycookie", "something" , "something" )

As a new requirement coming, the site must be opened in Chrome. That means the method above doesn’t work anymore.

After some research, I found out a solution to use Sqlite to read the cookies file stored in "UsersxxAppDataGoogleChromeUser DataDefaultcookies", it works as expected. I can fetch the cookie by giving the name and URL.

BUT PROBLEM: The cookies file is not up-to-date and is updated 1-2 minutes laters. That means the cookies of the request shown in Chrome DevTool is not the same as in the cookies file.

Is there any way to fetch the cookie in Chrome from C# Winforms project similar to InternetGetCookie?


Get this bounty!!!