问题
I faced a problem.
When you add multiple Set-Cookie headers to the response
headers.Add("Set-Cookie", "a=b;Path=/;");
headers.Add("Set-Cookie", "c=d;Path=/;");
actually they are combined and only one header is sent with comma-separated cookies
Set-Cookie: a=b;Path=/;,c=d;Path=/;
According to RFC2109 it is a valid syntax. But it is not according to RFC6265, which deprecates RFC2109
Moreover latest browsers does not support this comma-separated syntax as well. Tested on IE9, Firefox 13 and Google Chrome 20.
All of these browsers took first cookie only.
Please see the sample project below
https://github.com/mnaoumov/cookie-bug/
I want to find some workaround.
I expect to have two different Set-Cookie headers.
I tried to write some MessageInspector to rewrite HTTP headers. I could not find how to access that headers.
Any ideas?
P.S. Used technology: Web API
回答1:
According to answer on codeplex (http://aspnetwebstack.codeplex.com/workitem/288) this issue is known issue and related to WCF self-hosting and should be fixed by moving to IIS hosting.
This is WCF 4 issue which marked as won't fix.
Found another question with the same outcome WCF 4.0 Cookie Only First is Recorded by Browser.
回答2:
You can use the HttpContext.Current.Response.SetCookie
using System.Web;
HttpCookie foo = new HttpCookie("foo", "true");
HttpContext.Current.Response.Cookies.Add(foo);
HttpCookie bar = new HttpCookie("bar", "true");
HttpContext.Current.Response.Cookies.Add(bar);
This will add multiple set-cookies header in the response.
Edit: also, you should add the
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true"/>
in your web.config
来源:https://stackoverflow.com/questions/11533867/adding-multiple-set-cookie-headers-in-asp-net-web