Part of the cookie is invalid

We found bug in HttpTools library.

When response header contains Set-Cookie header, method tries to parse content. In code, there is function split(',') to split string into more cookies (they can be divided by , according to recommendation. But cookie can contain parameter expires with date value. This date can be for example Tue, 5-1-2017 14:28:00. In this case, split function breaks cookie parsing and thus raises above error.

Stack trace:

at System.Net.Cookie.set_Name(String value)
   at System.Net.Cookie..ctor(String name, String value)
   at CZ.Advantages.Asap.HttpTools.FixCookies(HttpWebRequest request, HttpWebResponse response)
   at CZ.Advantages.Asap.HttpTools.GetResponse(String url, String method, String content, String contentType, Hashtable headers, String authenticationType, String userName, String password, Nullable`1 timeoutMs, CookieCollection cookies, Boolean ignoreHTTPSErrors)
   at CZ.Advantages.Asap.HttpTools.SendRequest(String url, String method, String content, String contentType, Hashtable headers, String authenticationType, String userName, String password, Boolean returnAsStream)
   at CZ.Advantages.Asap.Rule.RuleEngine.HttpRequest(String url, String method, String content, String contentType, XPathNavigator headers, String authenticationType, String userName, String password)
   at CZ.Advantages.Asap.Rule.RuleEngine.HttpRequest(String url, String method, String content, String contentType, XPathNavigator headers)

The 'Name'=' 29-Dec-2017 17:46:31 GMT; Max-Age' part of the cookie is invalid.
-------------------------------- 
The 'Name'=' 29-Dec-2017 17:46:31 GMT; Max-Age' part of the cookie is invalid.
-------------------------------- 
Transformation result invalid.
-------------------------------- 
Function 'AS:HttpRequest()' has failed.
-------------------------------- 
Exception has been thrown by the target of an invocation.
-------------------------------- 
The 'Name'=' 29-Dec-2017 17:46:31 GMT; Max-Age' part of the cookie is invalid.​

Hi. Could you post the url which produced the problem so that I can try to reproduce it? Thanks

It is locally developed on my workstation. You can mock it though. Just POST to some url which respond with Set-Cookie header which contains , in expires parameter.

I can paste you the header which causes the problem. It is from Laravel Session Management module.

Set-Cookie:laravel_session=eyJpdiI6IitMTzdWNVJwUkRVRWZpK1pCdzRzbmc9PSIsInZhbHVlIjoiZmJuUUkwRXFrWVBjM3pST0NuREZZYzl2UEU5eCtlU2V2QURGZ0xWdWFTY3lqYk5MT3RjbnBaT3dJN0dIQW5wZDBEWUhlbVRjd3c2aHkzdVJYZHRmVlE9PSIsIm1hYyI6ImI0ODdhYzM1MjBiOTY5ZTI1MTM5YzRjYjc4Mzk5YmY3NDk3NTgwZmZhYzhmY2VkZmE1N2QxYmU5NDU5NjExZTQifQ%3D%3D; expires=Thu, 11-Jan-2018 17:50:21 GMT; Max-Age=7200; path=/; HttpOnly

You can see that expire date contains , so the header cannot be parsed as split(',') because in this case it is not dividing multiple cookies.

Your issue should be fixed now.

1 Like