New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
System.Net.Http.HttpClientHandler.CookieContainer is empty in a UWP app when cookies are set on 302 redirect response #17466
Comments
To workaround this issue, you can use either of the two approaches: 1.) You can continue to use the System.Net.Http.HttpClient class, but then you also have to turn off the default auto-redirection property of the HttpClientHandler (HttpClientHandler.AllowAutoRedirect = false) and perform the redirection manually (instead of automatically). When you do this, the HTTP 302 response you receive should populate the Cookie collection correctly. 2.) Use the WinRT Windows.Web.Http.HttpClient class to handle this scenario. Typically, you will use code similar to this:
|
This is exactly what I encountered today with the latest System.Net.Http (4.1.0. I think). It happens in a UWP app. I guess the issue is that the As @pphadke explains, the workaround is:
|
For the (most possible) reason why it crashes, see: https://github.com/dotnet/corefx/issues/9003 Anyway I need to rewrite RmitCoreUwp library's HTTP handling stuff.
Added` a tricky workaround, microsoft made a weird bug on System.Net.Http library. The library will become an idiot and refuse to handle the cookies well when 302 Redirection occurs. Meanwhile, it seems that Microsoft forgot (or ignored? rejected?) to fix this as the bug has been found long ago. (see: https://github.com/dotnet/corefx/issues/9003)
Has this been fixed? |
It has not been fixed yet. The fix would be part of our UAP/UWP work for .NET Core 2.1 release. |
By the way, this doesn't just affect windows UWP apps, this is broken on macOS and Xamarin.Forms with PCL |
cc: @stephentoub |
* Fix HttpClient redirection logic on UAP This PR changes the implementation of sending requests in HttpClient for UAP when dealing with redirection. In the past, we would let the WinRT layer handle auto redirection logic. However, due to #9003, the cookies were getting lost on 3xx responses since the .NET layer didn't see them. So, this PR implements the redirection ourselves. One important part of redirection is that we need to drop credentials. The WinRT layer did this for us. However, we are unable to use a single WinRT HttpBaseProtocolFilter object since we need to remove the credential after the first redirect. So, we need to maintain a second filter that uses no credentials and keep it in sync regarding all the other properties of the primary filter. With this PR, the behavior of other aspects (such as controlling max number of redirects, etc.) now matches .NET Framework. So, some tests were adjusted to remove the UAP specific behavior checks. Fixes #9003 Fixes #22191 * Disable test on Linux * Address PR feedback * Disable failing HTTP/2 test
When the System.Net.Http.HttpClient class - with a HttpClientHandler is used from a UWP, the response cookie collection returned is empty. This happens when the cookies are being set on a 302 redirect response.
When you collect a network trace, you should notice the below request/response pattern:
Request:
GET location HTTP/1.1
Host: host
Connection: Keep-Alive
...other request headers
Response:
HTTP/1.1 302 Object moved
Set-Cookie: name=value;
Location: redirect location
...other response headers
The problem happens because the default behavior of the HttpClientHandler is to perform auto-redirection. With this setting, the .NET layer does not get to see the cookies in the redirect response leading to the buggy behavior.
The text was updated successfully, but these errors were encountered: