I have a brand new asp.net Core 3 web app that is supposed to work with an existing asp.net web app. The asp.net app is supposed to pass on some authentication information and metadata to the asp.netCore app but it shows an incorrect value for the name and content of one of the cookies!
The Asp.Net app creates two cookies, one with authentication token and one with some metadata about the user. as described below:
Cookie 1
name: MyCompanyAuth
value: [string of random stuff, ie Authentication Token]
SameSite: (Nothing)
Cookie 2
name: MyCompanyUser
value: Username=JohnDoe&Fullname=John Doe&ClientID=123456
SameSite: None
(expiry, domain, path, httpOnly, and Secure are the same.)
The first cookie is picked up perfectly by the asp.net core app. However, it cannot find the second cookie. But when I open the context.HttpContext.Request.Cookies collection it has this other cookie:
name: Doe&ClientID=
value: 123456
In the browser When I open up the dev tools and check the cookies everything seems to be fine but the webserver picks this weirdly. Also, I checked the code in the main app (asp.net one which creates the cookies) and it does not set SameSite for any of these at all.
Update:
context.HttpContext.Request.Headers["Cookie"] has the correct and complete contents, So either:
1) There is a bug in Asp.NetCore.MVC where it is converting context.HttpContext.Request.Headers["Cookie"] to a list of cookies, OR,
2) My call is violating some cookie size limitations. (but how can this be the case because the very end of the information is still in there!)
