0

I found a working solution to get HttpOnly cookies, however it only returns one cookie, while I expect multiple cookies.

Can somebody tell me what I do wrong?

    private const Int32 InternetCookieHttponly = 0x2000;
    [DllImport("wininet.dll", SetLastError = true)]
    public static extern bool InternetGetCookieEx(string pchURL, string pchCookieName, StringBuilder pchCookieData, ref uint pcchCookieData, int dwFlags, IntPtr lpReserved);
    const int INTERNET_COOKIE_HTTPONLY = 0x00002000;

    public static string GetGlobalCookies(string uri)
    {
        uint datasize = 1024;
        StringBuilder cookieData = new StringBuilder((int)datasize);
        if (InternetGetCookieEx(uri, "cookiename", cookieData, ref datasize, INTERNET_COOKIE_HTTPONLY, IntPtr.Zero)
            && cookieData.Length > 0)
        {
            return cookieData.ToString().Replace(';', ',');
        }
        else
        {
            return null;
        }
    }
Joe Phillips
  • 49,743
  • 32
  • 103
  • 159
user3763117
  • 327
  • 1
  • 5
  • 18

1 Answers1

-1

The pchCookieName parameter is the case-sensitive name of the cookie to retrieve. You are passing in the string "cookiename", so the function will only return that cookie.

According to this MSDN code sample, you can retrieve all cookies by passing null to this parameter.

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Text; 
using System.Runtime.InteropServices; 

namespace MSDN.Samples.ClaimsAuth 
{ 
    /// <summary> 
    /// WinInet.dll wrapper 
    /// </summary> 
    internal static class CookieReader 
    { 
        /// <summary> 
        /// Enables the retrieval of cookies that are marked as "HTTPOnly".  
        /// Do not use this flag if you expose a scriptable interface,  
        /// because this has security implications. It is imperative that  
        /// you use this flag only if you can guarantee that you will never  
        /// expose the cookie to third-party code by way of an  
        /// extensibility mechanism you provide.  
        /// Version:  Requires Internet Explorer 8.0 or later. 
        /// </summary> 
        private const int INTERNET_COOKIE_HTTPONLY = 0x00002000; 

        [DllImport("wininet.dll", SetLastError = true)] 
        private static extern bool InternetGetCookieEx( 
            string url, 
            string cookieName, 
            StringBuilder cookieData, 
            ref int size, 
            int flags, 
            IntPtr pReserved); 

        /// <summary> 
        /// Returns cookie contents as a string 
        /// </summary> 
        /// <param name="url"></param> 
        /// <returns></returns> 
        public static string GetCookie(string url) 
        { 
            int size = 512; 
            StringBuilder sb = new StringBuilder(size); 
            if (!InternetGetCookieEx(url, null, sb, ref size, INTERNET_COOKIE_HTTPONLY, IntPtr.Zero)) 
            { 
                if (size < 0) 
                { 
                    return null; 
                } 
                sb = new StringBuilder(size); 
                if (!InternetGetCookieEx(url, null, sb, ref size, INTERNET_COOKIE_HTTPONLY, IntPtr.Zero)) 
                { 
                    return null; 
                } 
            } 
            return sb.ToString(); 
        } 
    } 
}
Richard Deeming
  • 29,830
  • 10
  • 79
  • 151