Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Need Urgent fix for CookieHeaderParserShared throws exception when last cookie contains invalid character in .NET7

See original GitHub issue

Is there an existing issue for this?

I have searched the existing issues

Describe the bug

#45127 related to this issue Fix CookieHeaderParserShared throws exception when last cookie contains invalid character and this #45014

I confirm that there is an issue in NET 7 and that the Asp.net core code has to be fixed. We cannot wait for the release of NET 8.

Expected Behavior

CookieHeaderParserShared.CookieHeaderParserShared Shoul not return true from this line https://github.com/dotnet/aspnetcore/blob/v7.0.1/src/Http/Shared/CookieHeaderParserShared.cs#L75

because it will make this code thrown the exception

Steps To Reproduce

Change ParseManyCookies unit test to below code

  [Fact]
    public void ParseManyCookies()
    {
        var cookies = RequestCookieCollection.Parse(new StringValues(new[] { "errorcookie=dd,:(\"sa;" }));

        Assert.Equal(12, cookies.Count);
    }

Exceptions (if any)

unit test : https://github.com/dotnet/aspnetcore/blob/v7.0.1/src/Http/Http/test/RequestCookiesCollectionTests.cs#L43

.NET Version

7.0

Anything else?

No response

Issue Analytics

State:
Created 9 months ago
Reactions:6
Comments:11 (5 by maintainers)

Top GitHub Comments

5reactions

davidfowlcommented, Dec 20, 2022

@Tratcher if this is common, we might want to revert this change. I’m thinking about the YARP scenario and people using ASP.NET Core as a gateway

1reaction

kchinburaratcommented, Dec 20, 2022

@davidfowl @Tratcher I found this code was remove from dotnet bot here https://github.com/dotnet/aspnetcore/pull/35547#discussion_r701222376

FYI. We are decided to roll back the production version from .NET 7 to.NET6

Top Results From Across the Web

An invalid character[44] was present in the Cookie value

The character 0x44 is comma character and it is not allowed in cookies: This string is a sequence of characters excluding semi-colon, ...

升级至.NET 7 后日志中很多错误："Nullable object must have ...

一个ASP.NET Core 应用从.NET 6 升级至.NET 7 之后，日志中出现很多错误"Nullable object must have a value" ```log System.

Cookie Names with Invalid Characters in Custom Code ...

An error message is logged that shows the original cookie name and the sanitized name with the underscore characters. Rework any custom code ......

SyntaxError: illegal character - JavaScript - MDN Web Docs

The JavaScript exception "illegal character" occurs when there is an invalid or unexpected token that doesn't belong at this position in the code....

InvalidPathException (Java Platform SE 7 )

Unchecked exception thrown when path string cannot be converted into a Path because the path string contains invalid characters, or the path string...