-
-
Notifications
You must be signed in to change notification settings - Fork 391
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Inconsistent Cookies between Android and iOS in .NET MAUI #760
Comments
Hmm. I'm not set up with MAUI at the moment, but @aaron-yb if you could help me troubleshoot this I would appreciate it. Please try running this on iOS, based on your code sample above: var handler = new HttpClientHandler();
handler.UserCookies = false;
handler.ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => true;
var httpCli = new HttpClient(handler);
var flurlCli = new FlurlClient(httpCli);
var flurlResp = await flurlCli
.Request(_serviceLayerUrl)
.AppendPathSegment("Login")
.WithCookies(out var cookieJar)
.PostJsonAsync(new { CompanyDB = _companyDB, UserName = _username, Password = _password });
// what's in cookieJar?
// what's in flurlResp.Cookies?
// what's in flurlResp.Headers? For the comments at the bottom, you could either output that info to the console or just add a breakpoint and let me know what you're seeing. I think this will be helpful in getting to the bottom of the problem. Thanks! |
Hi @tmenier , apologies for the delay in getting back to you. I get the following output on iOS: 2023-09-29 15:54:05.473476+0100 SLTest[5435:417741] cookieJar: and the following on Android: [DOTNET] cookieJar: |
Interesting. Normally, when However, what I just noticed looking back at this snippet from @bgmulinari, It's as though To test this theory, could you run my snippet above yet again, only remove this line entirely? handler.UseCookies = false; |
Hi @tmenier , Looks like you may be on to something! Here is the output on iOS: 2023-09-30 14:59:15.240374+0100 SLTest[9230:629017] cookieJar: (domain outputs normally, but I have obscured it) Here is the output on Android: [DOTNET] ROUTEID: .node9 |
Wow. I think you've proven that
Armed with that information, I'll be willing to move forward with a fix. Thanks! |
Here's the default handler used on iOS platforms: And I believe this is the repo where an issue should be raised: I might have time to pursue this in the near future, but if someone wants to beat me to it, by all means. :) |
Hey @tmenier thanks for your replies and info- I'm having a go at working this all out, bit of a learning curve! Will see who gets there first |
I have been debugging a package that implements Flurl. (Original issue here: bgmulinari/B1SLayer#49). Have tried adjusting iOS info.plist file with NSAppTransportSecurity values.
On .NET Maui Android the following code will return session cookies:
`
private async Task FlurlLoginAsync()
{
var loginResponse = await _serviceLayerUrl
.AppendPathSegment("Login")
.WithCookies(out var cookieJar)
.PostJsonAsync(new { CompanyDB = _companyDB, UserName = _username, Password = _password })
.ReceiveString();
`
However when running the same from iOS, there are never any cookies. Debug output looks as following:
On iOS / Mac I get the following output:
2023-08-23 14:56:09.536898+0100 SLTest[10595:1499318] Request URL: https://url:50000/b1s/v1/Login
2023-08-23 14:56:09.537186+0100 SLTest[10595:1499318] HTTP Method: POST
2023-08-23 14:56:09.537798+0100 SLTest[10595:1499318] Response Status Code: OK
2023-08-23 14:56:09.537904+0100 SLTest[10595:1499318] Request Headers:
2023-08-23 14:56:09.538140+0100 SLTest[10595:1499318] Response Headers:
2023-08-23 14:56:09.538552+0100 SLTest[10595:1499318] Server: Apache
2023-08-23 14:56:09.538721+0100 SLTest[10595:1499318] Vary: Accept-Encoding
2023-08-23 14:56:09.540703+0100 SLTest[10595:1499318] Date: Wed, 23 Aug 2023 13:56:06 GMT
2023-08-23 14:56:09.540808+0100 SLTest[10595:1499318] Keep-Alive: timeout=5, max=100
2023-08-23 14:56:09.540898+0100 SLTest[10595:1499318] Connection: Keep-Alive
2023-08-23 14:56:09.542724+0100 SLTest[10595:1499318] Request Body:
{
"odata.metadata" : "https://url:50000/b1s/v1/$metadata#B1Sessions/@Element",
"SessionId" : "ce6f595c-41bc-11ee-c000-000c2980395a-14548-6632",
"Version" : "1000210",
"SessionTimeout" : 30
}
2023-08-23 14:56:09.558334+0100 SLTest[10595:1498480] Cookies received:
On Android I get the following:
[DOTNET] Request URL: https://url:50000/b1s/v1/Login
[DOTNET] HTTP Method: POST
[DOTNET] Response Status Code: OK
[DOTNET] Request Headers:
[DOTNET] Response Headers:
[DOTNET] Connection: Keep-Alive
[DOTNET] Date: Wed, 23 Aug 2023 14:02:19 GMT
[DOTNET] Keep-Alive: timeout=5, max=100
[DOTNET] Server: Apache
[DOTNET] Set-Cookie: B1SESSION=ac58e080-41bd-11ee-c000-000c2980395a-14752-8204;HttpOnly;;Secure;SameSite=None, ROUTEID=.node8; path=/;Secure;SameSite=None
[DOTNET] Vary: Accept-Encoding
[DOTNET] X-Android-Received-Millis: 1692799340723
[DOTNET] X-Android-Response-Source: NETWORK 200
[DOTNET] X-Android-Selected-Protocol: http/1.1
[DOTNET] X-Android-Sent-Millis: 1692799338028
[DOTNET] Request Body:
[DOTNET] {
[DOTNET] "odata.metadata" : "https://url:50000/b1s/v1/$metadata#B1Sessions/@Element",
[DOTNET] "SessionId" : "ac58e080-41bd-11ee-c000-000c2980395a-14752-8204",
[DOTNET] "Version" : "1000210",
[DOTNET] "SessionTimeout" : 30
[DOTNET] }
[DOTNET] Cookies received:
[DOTNET] ROUTEID: .node8
[DOTNET] B1SESSION: ac58e080-41bd-11ee-c000-000c2980395a-14752-8204
[DOTNET] Request URL: https://url:50000/b1s/v1/Login
[DOTNET] HTTP Method: POST
[DOTNET] Response Status Code: OK
[DOTNET] Request Headers:
[DOTNET] Response Headers:
[DOTNET] Connection: Keep-Alive
[DOTNET] Date: Wed, 23 Aug 2023 14:02:19 GMT
[DOTNET] Keep-Alive: timeout=5, max=100
[DOTNET] Server: Apache
[DOTNET] Set-Cookie: B1SESSION=ac567d90-41bd-11ee-c000-000c2980395a-8440-7940;HttpOnly;;Secure;SameSite=None, ROUTEID=.node7; path=/;Secure;SameSite=None
[DOTNET] Vary: Accept-Encoding
[DOTNET] X-Android-Received-Millis: 1692799340837
[DOTNET] X-Android-Response-Source: NETWORK 200
[DOTNET] X-Android-Selected-Protocol: http/1.1
[DOTNET] X-Android-Sent-Millis: 1692799338028
[DOTNET] Request Body:
[DOTNET] {
[DOTNET] "odata.metadata" : "https://url:50000/b1s/v1/$metadata#B1Sessions/@Element",
[DOTNET] "SessionId" : "ac567d90-41bd-11ee-c000-000c2980395a-8440-7940",
[DOTNET] "Version" : "1000210",
[DOTNET] "SessionTimeout" : 30
[DOTNET] }
[DOTNET] Cookies received:
[DOTNET] ROUTEID: .node7
[DOTNET] B1SESSION: ac567d90-41bd-11ee-c000-000c2980395a-8440-7940
The text was updated successfully, but these errors were encountered: