如何解决.NET Core中间件中的反向代理“ set-cookie”响应未在浏览器中设置并且未在HttpResponseMessage中显示
在这里,我正在制作一个反向代理服务器来绕过ASP.NET Web应用程序(在this tutorial之后)。我正在尝试从HttpResponseMessage
中读取会话ID cookie。我也使用了cookie容器,但是找不到它。会话以ASP.NET核心调用方法实现,可以正常工作,但无法在请求或响应中捕获会话ID。
public async Task Invoke(HttpContext context,IbrowserDetector detector)
{
//context.Session.SetString(SessionKeyName,"The Doctor");
var browser = detector.browser;
var targetUri = BuildTargetUri(context.Request);
if (context.Request.Method != HttpMethod.Get.Method)
{
var remoteIp = context.Connection.RemoteIpAddress;
//var gg= context.Request.Headers.ContainsKey.;
var clienttdatetime = context.Request.Headers["Date"].ToString();
//_logger.LogDebug("Request from Remote IP address: {RemoteIp}",remoteIp);
var badIp = true;
var bytes = remoteIp.GetAddressBytes();
//var testIp = IPAddress.Parse(address);
//if (testIp.GetAddressBytes().SequenceEqual(bytes))
//{
// badIp = false;
// break;
//}
if (remoteIp.IsIPv4MappedToIPv6)
{
remoteIp = remoteIp.MapToIPv4();
}
IPAddress remoteIpAddress = context.Request.HttpContext.Connection.RemoteIpAddress;
string result = "";
if (remoteIpAddress != null)
{
// If we got an IPV6 address,then we need to ask the network for the IPV4 address
// This usually only happens when the browser is on the same machine as the server.
if (remoteIpAddress.AddressFamily == System.Net.sockets.AddressFamily.InterNetworkV6)
{
remoteIpAddress = System.Net.Dns.GetHostEntry(remoteIpAddress).AddressList
.First(x => x.AddressFamily == System.Net.sockets.AddressFamily.InterNetwork);
}
result = remoteIpAddress.ToString();
}
if (badIp)
{
//_logger.LogWarning(
// "Forbidden Request from Remote IP address: {RemoteIp}",remoteIp);
//context.Response.StatusCode = StatusCodes.Status403Forbidden;
//return;
}
}
if (targetUri != null)
{
CookieContainer cookies = new CookieContainer();
httpclienthandler handler = new httpclienthandler();
handler.CookieContainer = cookies;
var targetRequestMessage = CreateTargetMessage(context,targetUri);
using (var responseMessage = await _httpClient.SendAsync(targetRequestMessage,HttpCompletionoption.ResponseHeadersRead,context.RequestAborted))
{
IEnumerable<Cookie> responseCookies = cookies.GetCookies(targetUri).Cast<Cookie>();
foreach (Cookie cookie_ in responseCookies)
Console.WriteLine(cookie_.Name + ": " + cookie_.Value);
// ExtractCookiesFromresponse(responseMessage);
context.Response.StatusCode = (int)responseMessage.StatusCode;
copyFromTargetResponseHeaders(context,responseMessage);
await responseMessage.Content.copyToAsync(context.Response.Body);
//if(responseMessage.RequestMessage.RequestUri.ToString()== "http://localhost:51125/Menu.aspx")
//{
//Uri uri = new Uri("http://localhost:5000/login.aspx");
//Build the request
//Uri site = targetUri;
// HttpWebRequest request = (HttpWebRequest)WebRequest.Create(site);
// CookieContainer cookiesq = new CookieContainer();
// request.CookieContainer = cookiesq;
// //Print out the number of cookies before the response (of course it will be blank)
// Console.WriteLine(cookiesq.GetCookieHeader(site),"1");
// //Get the response and print out the cookies again
// using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
// {
// Console.WriteLine(cookiesq.GetCookieHeader(site),"2");
// }
// Console.ReadKey();
//}
var cookie = context.Request.Cookies["ASP.NET_SessionId"];
}
return;
}
await _nextMiddleware(context);
}
------------------------------------------------------------------------------------
public static IDictionary<string,string> ExtractCookiesFromresponse(HttpResponseMessage response)
{
IDictionary<string,string> result = new Dictionary<string,string>();
IEnumerable<string> values;
if (response.Headers.TryGetValues("Set-Cookie",out values))
{
SetCookieHeaderValue.ParseList(values.ToList()).ToList().ForEach(cookie =>
{
result.Add(cookie.Name.ToString(),cookie.Value.ToString());
});
}
return result;
}
解决方法
据我所知,您创建了HttpClientHandler
,但没有使用它来构建HttpClient
来进行请求。您仍在使用静态_httpClient
,它对您创建的cookie容器一无所知。
这应该是您使CookieContainer
仍然为空的原因。
看看here,了解如何从HttpResponseMessage
获取cookie。
CookieContainer cookies = new CookieContainer();
HttpClientHandler handler = new HttpClientHandler();
handler.CookieContainer = cookies;
_httpClient = new HttpClient(handler);
var targetRequestMessage = CreateTargetMessage(context,targetUri);
using (var responseMessage = await _httpClient.SendAsync(targetRequestMessage,HttpCompletionOption.ResponseHeadersRead,context.RequestAborted))
{
//var responseCookies = cookies.GetCookies(targetUri).Cast<Cookie>();
IEnumerable<Cookie> responseCookies = cookies.GetCookies(targetUri).Cast<Cookie>();
foreach (Cookie cookie in responseCookies)
{
if(cookie.Name=="ASP.NET_SessionId")
{
Console.WriteLine(cookie.Name + ": " + cookie.Value);
context.Response.Headers.Add("Set-Cookie",cookie.Name+"="+cookie.Value);
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。