Changes to CookieContainer

Has something changed recently with the CookieContainer class - particularly perhaps in relation to serialization.

Our app uses CookieContainer to store cookies and persists them across sessions using binary serialization. This has been working flawlessly for probably a couple of years. Last week we started to notice occasional crashes related to CookieContainer - either while deserializing or accessing the contained cookies. These crashes seem to happen when upgrading older versions of the app to the lastest (as opposed to fresh installs). The crashes happen on both iOS and Android. Uninstalling and reinstalling the app fixes the problem, but this isn't a viable solution for our customers.

Known issue?

Best Answer

Answers

  • BradRobinsonBradRobinson AUMember ✭✭✭

    Thanks @adamkemp

    I seem to remember that when I originally wrote the code to save the container I wanted to write it as json but couldn't because there was something about the cookie container class that prevented me manually re-adding the cookies back to the container when loading.

    I'll take another look today, but sounds like I might need to manually parse the old binary format to fix this.

    Brad

  • BradRobinsonBradRobinson AUMember ✭✭✭
    edited May 2015

    Hi @adamkemp

    I just took another look at this and remember the issue now. As far as I can tell there's no way to enumerate the CookieContainer in order to save it. There's GetCookies(uri) to get the cookies for a particular URI, but you can't get the set of contained URIs. So we relied on binary serialization - which now seems to be broken.

    So, how does one reliably serialize a CookieContainer across app upgrades?

    Brad

  • BradRobinsonBradRobinson AUMember ✭✭✭

    Also, the Cookie.Timestamp property is read-only.

  • adamkempadamkemp USInsider, Developer Group Leader mod

    What is the consumer of the CookieContainer? If it's an HttpWebRequest then I think you are expected to get the cookies from the response and keep track of them there. I think the CookieContainer is meant for putting cookies into initially and for keeping state between web requests (by sharing the same container). I don't think it's intended necessarily as a means of accessing the cookies yourself. I could be wrong.

  • BradRobinsonBradRobinson AUMember ✭✭✭

    That might well be the case, but not at all obvious from the API nor from the documentation. Also being marked as Serializable and the fact that the two most accepted answers on stackoverflow is to use binary serialization, it's disappointing to find this broken.

  • adamkempadamkemp USInsider, Developer Group Leader mod

    Many answers on SO are bad. :)

    Like I said, it works within constraints, but unfortunately those constraints don't apply to your situation. I think Microsoft pushed the Serializable thing too much before they realized how brittle it was.

Sign In or Register to comment.