/// <summary> /// Loads the temp data from the request. /// </summary> /// <param name="context">The <see cref="HttpContext"/>.</param> /// <returns>The temp data.</returns> public IDictionary <string, object> LoadTempData(HttpContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (context.Request.Cookies.ContainsKey(_options.Cookie.Name)) { // The cookie we use for temp data is user input, and might be invalid in many ways. // // Since TempData is a best-effort system, we don't want to throw and get a 500 if the cookie is // bad, we will just clear it and ignore the exception. The common case that we've identified for // this is misconfigured data protection settings, which can cause the key used to create the // cookie to no longer be available. try { var encodedValue = _chunkingCookieManager.GetRequestCookie(context, _options.Cookie.Name); if (!string.IsNullOrEmpty(encodedValue)) { var protectedData = WebEncoders.Base64UrlDecode(encodedValue); var unprotectedData = _dataProtector.Unprotect(protectedData); var tempData = _tempDataSerializer.Deserialize(unprotectedData); _logger.TempDataCookieLoadSuccess(_options.Cookie.Name); return(tempData); } } catch (Exception ex) { _logger.TempDataCookieLoadFailure(_options.Cookie.Name, ex); // If we've failed, we want to try and clear the cookie so that this won't keep happening // over and over. if (!context.Response.HasStarted) { _chunkingCookieManager.DeleteCookie(context, _options.Cookie.Name, _options.Cookie.Build(context)); } } } _logger.TempDataCookieNotFound(_options.Cookie.Name); return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase)); }
public IDictionary <string, object> LoadTempData(HttpContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (context.Request.Cookies.ContainsKey(CookieName)) { var encodedValue = _chunkingCookieManager.GetRequestCookie(context, CookieName); if (!string.IsNullOrEmpty(encodedValue)) { var protectedData = Base64UrlTextEncoder.Decode(encodedValue); var unprotectedData = _dataProtector.Unprotect(protectedData); return(_tempDataSerializer.Deserialize(unprotectedData)); } } return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase)); }
/// <inheritdoc /> public virtual IDictionary <string, object> LoadTempData(HttpContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } // Accessing Session property will throw if the session middleware is not enabled. var session = context.Session; if (session.TryGetValue(TempDataSessionStateKey, out var value)) { // If we got it from Session, remove it so that no other request gets it session.Remove(TempDataSessionStateKey); return(_tempDataSerializer.Deserialize(value)); } return(new Dictionary <string, object>(StringComparer.OrdinalIgnoreCase)); }