[url=http://blog.csdn.net/dz45693/article/details/8149554]HttpRequest的QueryString属性 的一点认识 [/url]。现在我们获取Cookie已经基本完成了。那么我们接下来看看是如何添加Cookie的了。
首先我们来看看HttpResponse的Cookie属性:
public HttpCookieCollection Cookies
{
get
{
if (this._cookies == null)
{
this._cookies = new HttpCookieCollection(this, false);
}
return this._cookies;
}
}
接下来我们看看HttpCookie的实现如下:
public sealed class HttpCookie {
private String _name;
private String _path = "/";
private bool _secure;
private bool _httpOnly;
private String _domain;
private bool _expirationSet;
private DateTime _expires;
private String _stringValue;
private HttpValueCollection _multiValue;
private bool _changed;
private bool _added;
internal HttpCookie() {
_changed = true;
}
/*
* Constructor - empty cookie with name
*/
/// <devdoc>
/// <para>
/// Initializes a new instance of the <see cref='System.Web.HttpCookie'/>
/// class.
/// </para>
/// </devdoc>
public HttpCookie(String name) {
_name = name;
SetDefaultsFromConfig();
_changed = true;
}
/*
* Constructor - cookie with name and value
*/
/// <devdoc>
/// <para>
/// Initializes a new instance of the <see cref='System.Web.HttpCookie'/>
/// class.
/// </para>
/// </devdoc>
public HttpCookie(String name, String value) {
_name = name;
_stringValue = value;
SetDefaultsFromConfig();
_changed = true;
}
private void SetDefaultsFromConfig() {
HttpCookiesSection config = RuntimeConfig.GetConfig().HttpCookies;
_secure = config.RequireSSL;
_httpOnly = config.HttpOnlyCookies;
if (config.Domain != null && config.Domain.Length > 0)
_domain = config.Domain;
}
/*
* Whether the cookie contents have changed
*/
internal bool Changed {
get { return _changed; }
set { _changed = value; }
}
/*
* Whether the cookie has been added
*/
internal bool Added {
get { return _added; }
set { _added = value; }
}
// DevID 251951 Cookie is getting duplicated by ASP.NET when they are added via a native module
// This flag is used to remember that this cookie came from an IIS Set-Header flag,
// so we don't duplicate it and send it back to IIS
internal bool FromHeader {
get;
set;
}
/*
* Cookie name
*/
/// <devdoc>
/// <para>
/// Gets
/// or sets the name of cookie.
/// </para>
/// </devdoc>
public String Name {
get { return _name;}
set {
_name = value;
_changed = true;
}
}
/*
* Cookie path
*/
/// <devdoc>
/// <para>
/// Gets or sets the URL prefix to transmit with the
/// current cookie.
/// </para>
/// </devdoc>
public String Path {
get { return _path;}
set {
_path = value;
_changed = true;
}
}
/*
* 'Secure' flag
*/
/// <devdoc>
/// <para>
/// Indicates whether the cookie should be transmitted only over HTTPS.
/// </para>
/// </devdoc>
public bool Secure {
get { return _secure;}
set {
_secure = value;
_changed = true;
}
}
/// <summary>
/// Determines whether this cookie is allowed to participate in output caching.
/// </summary>
/// <remarks>
/// If a given HttpResponse contains one or more outbound cookies with Shareable = false (the default value),
/// output caching will be suppressed for that response. This prevents cookies that contain potentially
/// sensitive information, e.g. FormsAuth cookies, from being cached in the response and sent to multiple
/// clients. If a developer wants to allow a response containing cookies to be cached, he should configure
/// caching as normal for the response, e.g. via the OutputCache directive, MVC's [OutputCache] attribute,
/// etc., and he should make sure that all outbound cookies are marked Shareable = true.
/// </remarks>
public bool Shareable {
get;
set; // don't need to set _changed flag since Set-Cookie header isn't affected by value of Shareable
}
/// <devdoc>
/// <para>
/// Indicates whether the cookie should have HttpOnly attribute
/// </para>
/// </devdoc>
public bool HttpOnly {
get { return _httpOnly;}
set {
_httpOnly = value;
_changed = true;
}
}
/*
* Cookie domain
*/
/// <devdoc>
/// <para>
/// Restricts domain cookie is to be used with.
/// </para>
/// </devdoc>
public String Domain {
get { return _domain;}
set {
_domain = value;
_changed = true;
}
}
/*
* Cookie expiration
*/
/// <devdoc>
/// <para>
/// Expiration time for cookie (in minutes).
/// </para>
/// </devdoc>
public DateTime Expires {
get {
return(_expirationSet ? _expires : DateTime.MinValue);
}
set {
_expires = value;
_expirationSet = true;
_changed = true;
}
}
/*
* Cookie value as string
*/
/// <devdoc>
/// <para>
/// Gets
/// or
/// sets an individual cookie value.
/// </para>
/// </devdoc>
public String Value {
get {
if (_multiValue != null)
return _multiValue.ToString(false);
else
return _stringValue;
}
set {
if (_multiValue != null) {
// reset multivalue collection to contain
// single keyless value
_multiValue.Reset();
_multiValue.Add(null, value);
}
else {
// remember as string
_stringValue = value;
}
_changed = true;
}
}
/*
* Checks is cookie has sub-keys
*/
/// <devdoc>
/// <para>Gets a
/// value indicating whether the cookie has sub-keys.</para>
/// </devdoc>
public bool HasKeys {
get { return Values.HasKeys();}
}
private bool SupportsHttpOnly(HttpContext context) {
if (context != null && context.Request != null) {
HttpBrowserCapabilities browser = context.Request.Browser;
return (browser != null && (browser.Type != "IE5" || browser.Platform != "MacPPC"));
}
return false;
}
/*
* Cookie values as multivalue collection
*/
/// <devdoc>
/// <para>Gets individual key:value pairs within a single cookie object.</para>
/// </devdoc>
public NameValueCollection Values {
get {
if (_multiValue == null) {
// create collection on demand
_multiValue = new HttpValueCollection();
// convert existing string value into multivalue
if (_stringValue != null) {
if (_stringValue.IndexOf('&') >= 0 || _stringValue.IndexOf('=') >= 0)
_multiValue.FillFromString(_stringValue);
else
_multiValue.Add(null, _stringValue);
_stringValue = null;
}
}
_changed = true;
return _multiValue;
}
}
/*
* Default indexed property -- lookup the multivalue collection
*/
/// <devdoc>
/// <para>
/// Shortcut for HttpCookie$Values[key]. Required for ASP compatibility.
/// </para>
/// </devdoc>
public String this[String key]
{
get {
return Values[key];
}
set {
Values[key] = value;
_changed = true;
}
}
/*
* Construct set-cookie header
*/
internal HttpResponseHeader GetSetCookieHeader(HttpContext context) {
StringBuilder s = new StringBuilder();
// cookiename=
if (!String.IsNullOrEmpty(_name)) {
s.Append(_name);
s.Append('=');
}
// key=value&...
if (_multiValue != null)
s.Append(_multiValue.ToString(false));
else if (_stringValue != null)
s.Append(_stringValue);
// domain
if (!String.IsNullOrEmpty(_domain)) {
s.Append("; domain=");
s.Append(_domain);
}
// expiration
if (_expirationSet && _expires != DateTime.MinValue) {
s.Append("; expires=");
s.Append(HttpUtility.FormatHttpCookieDateTime(_expires));
}
// path
if (!String.IsNullOrEmpty(_path)) {
s.Append("; path=");
s.Append(_path);
}
// secure
if (_secure)
s.Append("; secure");
// httponly, Note: IE5 on the Mac doesn't support this
if (_httpOnly && SupportsHttpOnly(context)) {
s.Append("; HttpOnly");
}
// return as HttpResponseHeader
return new HttpResponseHeader(HttpWorkerRequest.HeaderSetCookie, s.ToString());
}
}
现在我们回到HttpCookieCollection的Add方法看看,
public void Add(HttpCookie cookie) {
if (_response != null)
_response.BeforeCookieCollectionChange();
AddCookie(cookie, true);
if (_response != null)
_response.OnCookieAdd(cookie);
}
public sealed class HttpResponse
{
internal void BeforeCookieCollectionChange()
{
if (this._headersWritten)
{
throw new HttpException(SR.GetString("Cannot_modify_cookies_after_headers_sent"));
}
}
internal void OnCookieAdd(HttpCookie cookie)
{
this.Request.AddResponseCookie(cookie);
}
}
public sealed class HttpRequest
{
internal void AddResponseCookie(HttpCookie cookie)
{
if (this._cookies != null)
{
this._cookies.AddCookie(cookie, true);
}
if (this._params != null)
{
this._params.MakeReadWrite();
this._params.Add(cookie.Name, cookie.Value);
this._params.MakeReadOnly();
}
}
}
到这里我们应该知道每添加或修改一个Cookie都会调用HttpResponse的BeforeCookieCollectionChange和OnCookieAdd方法,BeforeCookieCollectionChange是确认我们的cookie是否可以添加的,以前在项目中就遇到这里的错误信息说什么“在header发送后不能修改cookie”,看见默认情况下_headersWritten是false,那么它通常在哪里被设置为true了,在HttpReaponse的BeginExecuteUrlForEntireResponse、Flush、EndFlush方法中被设置为true,而我们最常接触到的还是Flush方法。这里的OnCookieAdd方法确保Cookie实例同时也添加到HttpRequest中。
internal void AddCookie(HttpCookie cookie, bool append) {
ThrowIfMaxHttpCollectionKeysExceeded();
_all = null;
_allKeys = null;
if (append) {
// DevID 251951 Cookie is getting duplicated by ASP.NET when they are added via a native module
// Need to not double add response cookies from native modules
if (!cookie.FromHeader) {
// mark cookie as new
cookie.Added = true;
}
BaseAdd(cookie.Name, cookie);
}
else {
if (BaseGet(cookie.Name) != null) {
// mark the cookie as changed because we are overriding the existing one
cookie.Changed = true;
}
BaseSet(cookie.Name, cookie);
}
}
private void ThrowIfMaxHttpCollectionKeysExceeded() {
if (Count >= AppSettings.MaxHttpCollectionKeys) {
throw new InvalidOperationException(SR.GetString(SR.CollectionCountExceeded_HttpValueCollection, AppSettings.MaxHttpCollectionKeys));
}
}
这里的AddCookie方法也非常简单,不过每次添加都会去检查Cookie的个数是否超过最大值。其实添加Cookie还可以调用HttpResponse的AppendCookie方法,
public void AppendCookie(HttpCookie cookie)
{
if (this._headersWritten)
{
throw new HttpException(SR.GetString("Cannot_append_cookie_after_headers_sent"));
}
this.Cookies.AddCookie(cookie, true);
this.OnCookieAdd(cookie);
}
这里它的实现和HttpCookieCollection的 public void Add(HttpCookie cookie)方法实现一致。
同样我们也知道这些Cookie是在HttpResponse的GenerateResponseHeadersForCookies方法中被使用,
其中GenerateResponseHeadersForCookies方法的实现如下:
internal void GenerateResponseHeadersForCookies()
{
if (_cookies == null || (_cookies.Count == 0 && !_cookies.Changed))
return; // no cookies exist
HttpHeaderCollection headers = Headers as HttpHeaderCollection;
HttpResponseHeader cookieHeader = null;
HttpCookie cookie = null;
bool needToReset = false;
// Go through all cookies, and check whether any have been added
// or changed. If a cookie was added, we can simply generate a new
// set cookie header for it. If the cookie collection has been
// changed (cleared or cookies removed), or an existing cookie was
// changed, we have to regenerate all Set-Cookie headers due to an IIS
// limitation that prevents us from being able to delete specific
// Set-Cookie headers for items that changed.
if (!_cookies.Changed)
{
for(int c = 0; c < _cookies.Count; c++)
{
cookie = _cookies[c];
if (cookie.Added) {
// if a cookie was added, we generate a Set-Cookie header for it
cookieHeader = cookie.GetSetCookieHeader(_context);
headers.SetHeader(cookieHeader.Name, cookieHeader.Value, false);
cookie.Added = false;
cookie.Changed = false;
}
else if (cookie.Changed) {
// if a cookie has changed, we need to clear all cookie
// headers and re-write them all since we cant delete
// specific existing cookies
needToReset = true;
break;
}
}
}
if (_cookies.Changed || needToReset)
{
// delete all set cookie headers
headers.Remove("Set-Cookie");
// write all the cookies again
for(int c = 0; c < _cookies.Count; c++)
{
// generate a Set-Cookie header for each cookie
cookie = _cookies[c];
cookieHeader = cookie.GetSetCookieHeader(_context);
headers.SetHeader(cookieHeader.Name, cookieHeader.Value, false);
cookie.Added = false;
cookie.Changed = false;
}
_cookies.Changed = false;
}
}
这里我们还是来总结一下吧:在HttpWorkerRequest中我们调用 GetKnownRequestHeader方法来获取Cookie的字符串形式,然后再将这里的字符串转化为HttpCookie集合供 HttpRequest使用,在HttpResponse中的GenerateResponseHeadersForCookies方法中会处理我们的 cookie实例,调用cookie的GetSetCookieHeader方法得到HttpCookie对应的字符串值,然后把该值添加到 HttpHeaderCollection 集合中(或者修改已有的值)。在获取cookie是这里有一个验证需要我们注意的就是 RequestValidator.Current.IsValidRequestString方法。 在添加或修改Cookie是有2个地方的检查(1)检查Cookie的个数是否达到我们配置的cookie最大个数,(2)现在是否已经写入头信息,如果 头信息已经写了则不能操作cookie。
机械节能产品生产企业官网模板...
大气智能家居家具装修装饰类企业通用网站模板...
礼品公司网站模板
宽屏简约大气婚纱摄影影楼模板...
蓝白WAP手机综合医院类整站源码(独立后台)...
