468,268 Members | 1,761 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,268 developers. It's quick & easy.

"Disappearing cookies": any change in ASP.NET 2.0?

While I was learning about baking cookies in ASP.NET, I also ran across this
interesting article that outlined a few bombs to watch out for when using
cookies in ASP.NET:

http://www.codeproject.com/aspnet/aspnetcookies.asp

The "disappearing cookie" syndrome that the author describes seems
problematic:

<quote> If you try to access a cookie that doesn't exist in the
Response.Cookies collection, it will be created with an empty string in the
Value and an Expires date of 01-Jan-0001 00:00. Strangely, it also creates a
matching cookie in the Request.Cookies collection if one doesn't already
exist. </quote>

The author goes on to describe how this can bite you if you're doing
conditional tests for the existence of a cookie.

Will this behavior change in ASP.NET 2.0?
Nov 19 '05 #1
2 1379
Hi Kenfine,

Welcome to ASPNET newsgroup.
I've also noticed your another thread about asp.net's cookie.
As for the problem prone behavior of the Response.Cookies collection you
mentioned,

================
<quote> If you try to access a cookie that doesn't exist in the
Response.Cookies collection, it will be created with an empty string in the
Value and an Expires date of 01-Jan-0001 00:00. Strangely, it also creates
a
matching cookie in the Request.Cookies collection if one doesn't already
exist. </quote>
================

in fact it is due to the HttpCookieCollection's getter accesor's
implementation, which will create a empty item and add it when we try
accessing an item which doestn't exist orginally. Also, I've checked the
current beta2 version of the .NET framework and found that the
HttpCookieCollection remain the same implementation as the one in 1.x.
Generally, for the cookie accessing, we recommend that we use the
HttpCookieCollection.keys property to verify the existence of the item's
key first before accessing the actual item which will be much more graceful
and safer.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)


--------------------
| Reply-To: "ke*****@nospam.nospam" <ke*****@u.washington.edu>
| From: <ke*****@nospam.nospam>
| Subject: "Disappearing cookies": any change in ASP.NET 2.0?
| Date: Tue, 16 Aug 2005 18:58:17 -0700
| Lines: 21
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#N*************@TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: idea.urel.washington.edu 128.95.9.12
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP15.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:118480
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| While I was learning about baking cookies in ASP.NET, I also ran across
this
| interesting article that outlined a few bombs to watch out for when using
| cookies in ASP.NET:
|
| http://www.codeproject.com/aspnet/aspnetcookies.asp
|
| The "disappearing cookie" syndrome that the author describes seems
| problematic:
|
| <quote> If you try to access a cookie that doesn't exist in the
| Response.Cookies collection, it will be created with an empty string in
the
| Value and an Expires date of 01-Jan-0001 00:00. Strangely, it also
creates a
| matching cookie in the Request.Cookies collection if one doesn't already
| exist. </quote>
|
| The author goes on to describe how this can bite you if you're doing
| conditional tests for the existence of a cookie.
|
| Will this behavior change in ASP.NET 2.0?
|
|
|

Nov 19 '05 #2
Have you tried testing for it ?

:-)

Juan T. Llibre
ASP.NET MVP
http://asp.net.do/foros/
Foros de ASP.NET en Español
Ven, y hablemos de ASP.NET...
======================

<ke*****@nospam.nospam> wrote in message news:%2***************@TK2MSFTNGP15.phx.gbl...
While I was learning about baking cookies in ASP.NET, I also ran across this interesting
article that outlined a few bombs to watch out for when using cookies in ASP.NET:

http://www.codeproject.com/aspnet/aspnetcookies.asp

The "disappearing cookie" syndrome that the author describes seems problematic:

<quote> If you try to access a cookie that doesn't exist in the Response.Cookies
collection, it will be created with an empty string in the Value and an Expires date of
01-Jan-0001 00:00. Strangely, it also creates a matching cookie in the Request.Cookies
collection if one doesn't already exist. </quote>

The author goes on to describe how this can bite you if you're doing conditional tests
for the existence of a cookie.

Will this behavior change in ASP.NET 2.0?

Nov 19 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by tascien | last post: by
reply views Thread by Framework fan | last post: by
13 posts views Thread by Water Cooler v2 | last post: by
23 posts views Thread by Phil Powell | last post: by
reply views Thread by kermitthefrogpy | last post: by
reply views Thread by zattat | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.