Strange problem with cookies in Safari and Asp.net

by

I have a strange problem on my login page in Asp.net this problem only happens with Safari.

When the user is validated I fetch the name of the user from the database (the field in the database is UTF8) and save it in a cookie. The problem is that when the user has a name with special characters I get redirected to the page where I came from without being logged in. For example “Moller” works fine and the user is logged in but not “Møller”.

Again this is only happening with Safari and when I have special characters in the name. The row that isn’t working is: Response.Cookies[“userInfo”][“name”] = getNameFromUserid(userid);

This is my code:

string userid = validUserWithEmail(TextBoxEmail.Text, TextBoxPassword.Text);
if (userid != null) {
    //VALID USER
    Response.Cookies["userInfo"].Expires = DateTime.Now.AddDays(30);
    Response.Cookies["userInfo"]["name"] = getNameFromUserid(userid);

    FormsAuthentication.RedirectFromLoginPage(userid, CheckBoxPersistCookie.Checked);
} 
else
{
    //NOT A VALID USER SHOW A MESSAGE FOR THE USER OR SOMETHING
}
Contents hide
Answers:
Method 1

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Safari will not set cookies with non-ASCII characters in their value and other browsers can be unpredictable in how they display non-ASCII characters. As semi-colon is also not allowed in cookie values for any browser I would recommend using UrlEncode/UrlDecode.

If you are just writing the cookie and do not have control over the site reading/displaying the value to put in the URLDecode you can also do something like this:

ckCookie.Value = (Server.HtmlEncode( strSpecialCharacters )).Replace(";","");

This will ensure the full string is set in the cookie and Safari, Chrome, Firefox and IE will still recognize the html codes even without the ; and does not require decoding when read.

For a longer answer on cookie specs see: Allowed characters in cookies


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x