Giters

Azure / azure-relay-dotnet

☁️ .NET Standard client library for Azure Relay Hybrid Connections

Home Page:https://docs.microsoft.com/en-us/azure/service-bus-relay/relay-what-is-it

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

When adding multiple cookies to the RelayedHttpListenerResponse.Headers, only the first one gets returned to the browser

rsteenks opened this issue · comments

commented

Actual Behavior

  1. When multiple cookies are added to the RelayedHttpListenerContext.Response.Headers, only the first cookie is retrieved by the browser.

Expected Behavior

  1. All cookies that are added to the RelayedHttpListenerContext.Response.Headers should be returned to the browser.

Versions

  • OS platform and version: Windows 10
  • .NET Version: .NET Core 2.0
  • NuGet package version or commit ID: 2.0.1

When using a modified version of the SendResponseAsync-method of https://github.com/Azure/azure-relay/tree/master/samples/hybrid-connections/dotnet/hcreverseproxy/Microsoft.Azure.Relay.ReverseProxy/HybridConnectionReverseProxy.cs
like this

  async Task SendResponseAsync(RelayedHttpListenerContext context, HttpResponseMessage responseMessage)
  {
     context.Response.StatusCode = responseMessage.StatusCode;
     context.Response.StatusDescription = responseMessage.ReasonPhrase;
     foreach (KeyValuePair<string, IEnumerable<string>> header in responseMessage.Headers)
     {
        if (string.Equals(header.Key, "Transfer-Encoding"))
        {
           continue;
        }

        context.Response.Headers.Add(header.Key, string.Join(",", header.Value));
     }

     foreach (KeyValuePair<string, IEnumerable<string>> header in responseMessage.Content.Headers)
     {
        context.Response.Headers.Add(header.Key, string.Join(",", header.Value));
     }

     context.Response.Headers.Add("Set-Cookie", "test2; path=/");
     context.Response.Headers.Add("Set-cookie", "test1; path=/");

     var responseStream = await responseMessage.Content.ReadAsStreamAsync();
     await responseStream.CopyToAsync(context.Response.OutputStream);
  }

then only the first cookie (i.e. test2) will be returned to the browser.

It look likes that the Azure Hybrid Connection doesn't support the comma as a separator for handling multiple cookies with a single Set-Cookie header.

commented

I tried to reproduce given the details you provided but wasn't able to see any missing header values. I tried on netcoreapp2.0, 2.1, and 2.2 All on Windows 10 with Microsoft.Azure.Relay.dll package 2.0.1.

Can you tell what's different or could you modify the MultiValueHeader unit test to demonstrate the issue?

image

commented

The problem occurs when there are already cookies present from the forwarded Http-request, especially when there is more than one Set-cookie header. I've tested this when forwarding requests t o an IIS-server which uses IdentityServer for authentication. Then some of the cookies that are needed for authentication were not delivered to the browser, only the first one seems to survive.