/// <summary>
/// Loads the temp data from the request.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>The temp data.</returns>
public IDictionary <string, object> LoadTempData(HttpContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
if (context.Request.Cookies.ContainsKey(_options.Cookie.Name))
{
// The cookie we use for temp data is user input, and might be invalid in many ways.
//
// Since TempData is a best-effort system, we don't want to throw and get a 500 if the cookie is
// bad, we will just clear it and ignore the exception. The common case that we've identified for
// this is misconfigured data protection settings, which can cause the key used to create the
// cookie to no longer be available.
try
{
var encodedValue = _chunkingCookieManager.GetRequestCookie(context, _options.Cookie.Name);
if (!string.IsNullOrEmpty(encodedValue))
{
var protectedData = WebEncoders.Base64UrlDecode(encodedValue);
var unprotectedData = _dataProtector.Unprotect(protectedData);
var tempData = _tempDataSerializer.Deserialize(unprotectedData);
_logger.TempDataCookieLoadSuccess(_options.Cookie.Name);
return(tempData);
}
}
catch (Exception ex)
{
_logger.TempDataCookieLoadFailure(_options.Cookie.Name, ex);
// If we've failed, we want to try and clear the cookie so that this won't keep happening
// over and over.
if (!context.Response.HasStarted)
{
_chunkingCookieManager.DeleteCookie(context, _options.Cookie.Name, _options.Cookie.Build(context));
}
}
}
_logger.TempDataCookieNotFound(_options.Cookie.Name);
return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase));
}
public IDictionary <string, object> LoadTempData(HttpContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
if (context.Request.Cookies.ContainsKey(CookieName))
{
var encodedValue = _chunkingCookieManager.GetRequestCookie(context, CookieName);
if (!string.IsNullOrEmpty(encodedValue))
{
var protectedData = Base64UrlTextEncoder.Decode(encodedValue);
var unprotectedData = _dataProtector.Unprotect(protectedData);
return(_tempDataSerializer.Deserialize(unprotectedData));
}
}
return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase));
}
/// <inheritdoc />
public virtual IDictionary <string, object> LoadTempData(HttpContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
// Accessing Session property will throw if the session middleware is not enabled.
var session = context.Session;
if (session.TryGetValue(TempDataSessionStateKey, out var value))
{
// If we got it from Session, remove it so that no other request gets it
session.Remove(TempDataSessionStateKey);
return(_tempDataSerializer.Deserialize(value));
}
return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase));
}
