diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-12-24 18:08:15 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-12-24 18:08:15 -0800 |
| commit | de8497efbe0cc8ce84e3cd9c08391afa486c41ab (patch) | |
| tree | 6feb9f19265f95756735bcecbb68063bbfc09b16 /src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs | |
| parent | d3f4149dd35b85b7ce00cb9a4b3208cab6065b86 (diff) | |
| download | DotNetOpenAuth-de8497efbe0cc8ce84e3cd9c08391afa486c41ab.zip DotNetOpenAuth-de8497efbe0cc8ce84e3cd9c08391afa486c41ab.tar.gz DotNetOpenAuth-de8497efbe0cc8ce84e3cd9c08391afa486c41ab.tar.bz2 | |
Replaces use of ASP.NET session id with random key.
Fixes #229
Diffstat (limited to 'src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs')
| -rw-r--r-- | src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs index 9ef89e9..e1e9d53 100644 --- a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs +++ b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs @@ -43,6 +43,7 @@ namespace DotNetOpenAuth.Messaging { internal OutgoingWebResponse() { this.Status = HttpStatusCode.OK; this.Headers = new WebHeaderCollection(); + this.Cookies = new HttpCookieCollection(); } /// <summary> @@ -56,6 +57,7 @@ namespace DotNetOpenAuth.Messaging { this.Status = response.StatusCode; this.Headers = response.Headers; + this.Cookies = new HttpCookieCollection(); this.ResponseStream = new MemoryStream(response.ContentLength < 0 ? 4 * 1024 : (int)response.ContentLength); using (Stream responseStream = response.GetResponseStream()) { // BUGBUG: strictly speaking, is the response were exactly the limit, we'd report it as truncated here. @@ -86,6 +88,11 @@ namespace DotNetOpenAuth.Messaging { public bool IsResponseTruncated { get; internal set; } /// <summary> + /// Gets the cookies collection to add as headers to the HTTP response. + /// </summary> + public HttpCookieCollection Cookies { get; internal set; } + + /// <summary> /// Gets or sets the body of the response as a string. /// </summary> public string Body { @@ -239,6 +246,17 @@ namespace DotNetOpenAuth.Messaging { response.StatusCode = (int)this.Status; MessagingUtilities.ApplyHeadersToResponse(this.Headers, response); + foreach (HttpCookie httpCookie in this.Cookies) { + var cookie = new Cookie(httpCookie.Name, httpCookie.Value) { + Expires = httpCookie.Expires, + Path = httpCookie.Path, + HttpOnly = httpCookie.HttpOnly, + Secure = httpCookie.Secure, + Domain = httpCookie.Domain, + }; + response.AppendCookie(cookie); + } + if (this.ResponseStream != null) { response.ContentLength64 = this.ResponseStream.Length; this.ResponseStream.CopyTo(response.OutputStream); @@ -346,6 +364,11 @@ namespace DotNetOpenAuth.Messaging { } } + foreach (string cookieName in this.Cookies) { + var cookie = this.Cookies[cookieName]; + context.Response.AppendCookie(cookie); + } + if (endRequest) { // This approach throws an exception in order that // no more code is executed in the calling page. |