question

AndrewHB-6266 avatar image
0 Votes"
AndrewHB-6266 asked AndrewHB-6266 answered

Cannot set a subdomain friendly cookie

I have been trying to resolve this all afternoon and failed miserably.

I have a simply ASP.NET form deployed to an Azure Web App service and I am trying to set a subdomain friendly cookie to allow me to access the same cookie in other sub domains. My code on the button click is: -

 protected void btnCookie_Click(object sender, EventArgs e)
 {
     HttpCookie cookie = new HttpCookie("AndyTest", "Working");
     cookie.Domain = ".azurewebsites.net";
     Response.SetCookie(cookie);
 }

I can then see in my response headers using Chrome dev tools the following: -

 Set-Cookie: AndyTest=Working; domain=.azurewebsites.net; path=/

However there is a little warning triangle next to it and it says: -

This Set-Cookie was blocked because its Domain attribute was invalid with regards to the current host url

I look at the Host request headers and this is as follows: -

 Host: skqmwq-auth3.azurewebsites.net

So everything looks to be setup correctly but I can't get it to work. I have also looked at a similar cookie in another application and it is set up identically to the above and works fine. Hence I assume it must be some kind of environment related configuration causing the error to be displayed by Chrome.

azure-webapps
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

AndrewHB-6266 avatar image
0 Votes"
AndrewHB-6266 answered

Well after spending hours and hours on this I stumbled across this post on StackOverflow

https://stackoverflow.com/a/52475993/10529344

There is a list of domain names that you cannot create sub domain cookies against, https://publicsuffix.org/list/public_suffix_list.dat not that chrome tells you that your domain is on this list, that would be way too easy.

I simply configured my CNAME's and hey presto my cookies now work!

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.