更新时间:2022-10-24 08:04:41
如果该域中有任何其他 Cookie,它们将作为 val[1] 的一部分包含在一个长字符串中.我很难让 IIS 可靠地仅通过一个 cookie,所以我将所有 cookie 拉入 val[1] 字符串,然后将其拆分为所有 cookie 值的数组,然后只选择我需要的那个.如果有疑问,请让您的提供商将 val[1] 字符串作为客户错误输出,以便您查看它所看到的内容.
throw new Exception(val[1]);
一旦您看到实际收到的内容,您就可以确定如何拆分它.
I have a website where I created a custom cookie and I am trying to read the cookie value inside my Custom Rewrite Provider running in IIS
Question in short: How to decrypt the cookie inside custom URL rewrite provider?
Below is the code for creating custom cookie
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
model.Email,
DateTime.Now,
DateTime.Now.AddDays(7),
true,
"deepak",
FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie fCookie = new HttpCookie("customCookie", encryptedTicket);
fCookie.Expires = DateTime.Now.AddDays(7);
fCookie.Path = "/";
Response.Cookies.Add(fCookie);
Below code is to read the cookie value inside my Custom Rewrite Provider running in IIS
public class ParseUserNameProvider : IRewriteProvider, IProviderDescriptor
{
public IEnumerable<SettingDescriptor> GetSettings()
{
throw new NotImplementedException();
}
public void Initialize(IDictionary<string, string> settings, IRewriteContext rewriteContext)
{}
public string Rewrite(string value)
{
string[] val = value.Split('=');
string name = "";
if (val != null)
{
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(val[1]);
if(authTicket!=null)
{
name = authTicket.Name;
}
}
return name;
}
}
Error raised as shown below
Rewrite Settings in IIS - InBound
Redirect URL
http://1x2.xx.1x8.x8:1111/Report/Report?name={ParseUserNameProvider:{C:0}}
Conditions
I learned this from : http://www.iis.net/learn/extensions/url-rewrite-module/developing-a-custom-rewrite-provider-for-url-rewrite-module
Note: This post is NOT duplicate of Custom Rewrite Provider for URL Rewrite Module because I am getting different error.
If there are any other Cookies with that domain they'll be included as part of val[1] in one long string. I had considerable difficulty making IIS reliably pass through just one cookie so I pulled though all the cookies into val[1] string and then split that into an array of all the cookie values then just selected the one I needed. If in doubt get your provider to out put the val[1] string as a customer error so you can see what it's seeing.
throw new Exception(val[1]);
Once you can see what's actually being received you work out how you need to split it.