stackoom
  简体   繁体   中英

Why is the cookie expiration date not surviving across sessions in ASP.NET?

 原文  2014-01-29 19:48:58       asp.net/ cookies

Question

I made some changes to the testbed page, so I could make my question clearer here.

The page has three buttons: Set; Clear; and Get.

Set has this code: 

PreferredCookie = new HttpCookie("PreferredCookie");
PreferredCookie.Value = "Chocolate Chip";
DateTime exp = DateTime.Now.AddDays(1.0d);
PreferredCookie.Expires = exp;
Response.Cookies.Set(PreferredCookie);

Clear has this: 

HttpCookie PreferredCookie = Request.Cookies["PreferredCookie"];
if (PreferredCookie != null)
{
    PreferredCookie.Value = "";
    PreferredCookie.Expires = DateTime.Now;
    Response.Cookies.Set(PreferredCookie);
}

Get has this, which outputs to an asp:Literal: 

HttpCookie PreferredCookie = Request.Cookies["PreferredCookie"];
if (PreferredCookie != null)
{
    CookieLiteral.Text = "Value = " + PreferredCookie.Value + "<br>";
    CookieLiteral.Text += "Expires = " + PreferredCookie.Expires.ToString("MM/dd/yyyy HH:mm:ss");
}
else
{
    CookieLiteral.Text = "<h2>No Cookie?</h2>";
}

If I start the page and click on Clear, and then follow-up with the Get, I see:

No Cookie?

If I then click the Set, then Get, I see:

Value = Chocolate Chip
Expires = 01/01/0001 00:00:00

This date seems to be treated as never expiring. I get the same results if I access the page with Firefox.

1 answers

solution1
 14 ACCPTED  2014-01-30 05:09:28

The Short Answer - You cannot read the cookie's expiration date and time.

Slightly Longer Answer - This is not an issue of sessions in ASP.NET. It is an issue of what you can read from a cookie server-side in ASP.NET. Per the MSDN :

The browser is responsible for managing cookies, and the cookie's expiration time and date help the browser manage its store of cookies. Therefore, although you can read the name and value of a cookie, you cannot read the cookie's expiration date and time . When the browser sends cookie information to the server, the browser does not include the expiration information. (The cookie's Expires property always returns a date-time value of zero.)

You can read the Expires property of a cookie that you have set in the HttpResponse object, before the cookie has been sent to the browser. However, you cannot get the expiration back in the HttpRequest object.

So basically, the cookie expiration date is set correctly. This can be verified by inspecting the cookie in the browser. Unfortunately, reading this cookie like in your Get function will return 1/1/0001.

If you really want to get the expiration, then you'd have to store it in the cookie itself:

Set 

DateTime exp = DateTime.Now.AddDays(1);
HttpCookie PreferredCookie = new HttpCookie("PreferredCookie");
PreferredCookie.Values.Add("cookieType", "Zref");
PreferredCookie.Values.Add("exp", exp.ToString());
PreferredCookie.Expires = exp;
Response.Cookies.Set(PreferredCookie);

Get 

HttpCookie PreferredCookie = Request.Cookies["PreferredCookie"];
if (PreferredCookie != null)
{
    CookieLiteral.Text = "Value = " + PreferredCookie["cookieType"] + "<br>";
    CookieLiteral.Text += "Expires = " + PreferredCookie["exp"];
}
else
{
    CookieLiteral.Text = "No Cookie";
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.Net Forms Authentication cookie is passed across sessions ASP.NET Session Vs Cookie expiration Cookie expiration issue in asp.net ASP.NET Sessions and browser cookie support ASP.Net External Cookie with Sliding Expiration appearing as a Session cookie Set cache expiration date in asp.net ASP.NET Cookie Update Value Without Updating Expiration? Setting Path and Expiration for session cookie in asp.net Asp.Net Web API Cookie Expiration on shared hosting env ASP.NET Core 1.0 - MVC 6 - Cookie Expiration
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM