[Mono-bugs] [Bug 76906][Wis] New - HttpCookie Secure Property Does
Not Set
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Sat Dec 3 22:52:24 EST 2005
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by monobugzilla at yellowguppy.com.
http://bugzilla.ximian.com/show_bug.cgi?id=76906
--- shadow/76906 2005-12-03 22:52:24.000000000 -0500
+++ shadow/76906.tmp.31375 2005-12-03 22:52:24.000000000 -0500
@@ -0,0 +1,114 @@
+Bug#: 76906
+Product: Mono: Class Libraries
+Version: 1.1
+OS: GNU/Linux [Other]
+OS Details: Debian Testing
+Status: NEW
+Resolution:
+Severity:
+Priority: Wishlist
+Component: Sys.Web
+AssignedTo: gonzalo at ximian.com
+ReportedBy: monobugzilla at yellowguppy.com
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: HttpCookie Secure Property Does Not Set
+
+Description of Problem:
+When creating cookies using the Response.Cookies objects, I set the Secure
+flag on the HttpCookie but this flag does not update correctely and it
+seems to always default to Secure being true.
+
+The debian packages that I have installed are..
+
+ii mono 1.1.10-1 Mono CLI (.NET) runtime
+ii mono-apache-server 1.1.10-0pre2 backend for mod_mono Apache
+module
+ii mono-assemblies-base 1.1.10-1 Mono class library -
+transistion package
+ii mono-classlib-1.0 1.1.10-1 Mono class library (1.0)
+ii mono-classlib-2.0 1.1.10-1 Mono class library (2.0)
+ii mono-common 1.1.10-1 common files for Mono
+ii mono-gmcs 1.1.10-1 Mono C# 2.0 compiler
+ii mono-jit 1.1.10-1 fast CLI (.NET) JIT compiler
+for Mono
+ii mono-mcs 1.1.10-1 Mono C# compiler
+ii mono-xsp 1.0.5-2 simple web server to run
+ASP.NET application
+ii mono-xsp-base 1.1.10-0pre2 base libraries for XSP 1.1
+ii mono-xsp2-base 1.1.10-0pre2 base libraries for XSP 2.0
+
+Steps to reproduce the problem:
+1. Create a aspx page with the following function, on a non-ssl ms server
+and non-ssl mono server
+
+private void Page_Load(object sender, System.EventArgs e)
+{
+
+this.Response.Cookies["test"].Value =
+Convert.ToString(System.DateTime.Now.Ticks);
+this.Response.Cookies["test"].Secure = this.Context.Request.IsSecureConnection;
+this.Response.Cookies["test"].Path = this.Context.Request.ApplicationPath;
+
+if (this.Response.Cookies["test"].Secure ==
+this.Context.Request.IsSecureConnection)
+{
+this.Response.Write("Secure value of cookie1 was set correctely<br>");
+this.Response.Write("cookie:" + this.Response.Cookies["test"].Secure + "<br>");
+this.Response.Write("request:" + this.Context.Request.IsSecureConnection +
+"<br>");
+}
+else
+{
+this.Response.Write("Secure value of cookie1 was NOT set correctely<br>");
+this.Response.Write("cookie:" + this.Response.Cookies["test"].Secure + "<br>");
+this.Response.Write("request:" + this.Context.Request.IsSecureConnection +
+"<br>");
+}
+
+System.Web.HttpCookie cookie2 = new System.Web.HttpCookie("test2");
+cookie2.Secure = this.Context.Request.IsSecureConnection;
+cookie2.Path = this.Context.Request.ApplicationPath;
+this.Response.Cookies.Add(cookie2);
+
+if (this.Response.Cookies["test2"].Secure ==
+this.Context.Request.IsSecureConnection)
+{
+this.Response.Write("Secure value of cookie2 was set correctely<br>");
+this.Response.Write("cookie:" + this.Response.Cookies["test"].Secure + "<br>");
+this.Response.Write("request:" + this.Context.Request.IsSecureConnection +
+"<br>");
+}
+else
+{
+this.Response.Write("Secure value of cookie2 was NOT set correctely<br>");
+this.Response.Write("cookie:" + this.Response.Cookies["test"].Secure + "<br>");
+this.Response.Write("request:" + this.Context.Request.IsSecureConnection +
+"<br>");
+}
+}
+
+2. The MS runtime should allow updates to the Secure property.
+
+Output:
+Secure value of cookie1 was set correctely
+cookie:False
+request:False
+Secure value of cookie2 was set correctely
+cookie:False
+request:False
+
+3. The mono runtime should will not update the Secure property.
+
+Output:
+Secure value of cookie1 was NOT set correctely
+cookie:True
+request:False
+Secure value of cookie2 was NOT set correctely
+cookie:True
+request:False
+
+How often does this happen?
+consistently
More information about the mono-bugs
mailing list