/// <inheritdoc /> public void Append(string key, string value, CookieOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } // SameSite=None cookies must be marked as Secure. if (!options.Secure && options.SameSite == SameSiteMode.None) { if (_logger == null) { var services = _features.Get <IServiceProvidersFeature>()?.RequestServices; _logger = services?.GetService <ILogger <ResponseCookies> >(); } if (_logger != null) { Log.SameSiteCookieNotSecure(_logger, key); } } var cookie = options.CreateCookieHeader( _enableCookieNameEncoding ? Uri.EscapeDataString(key) : key, Uri.EscapeDataString(value)).ToString(); Headers.SetCookie = StringValues.Concat(Headers.SetCookie, cookie); }
/// <inheritdoc /> public void Append(ReadOnlySpan <KeyValuePair <string, string> > keyValuePairs, CookieOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } // SameSite=None cookies must be marked as Secure. if (!options.Secure && options.SameSite == SameSiteMode.None) { if (_logger == null) { var services = _features.Get <IServiceProvidersFeature>()?.RequestServices; _logger = services?.GetService <ILogger <ResponseCookies> >(); } if (_logger != null) { foreach (var keyValuePair in keyValuePairs) { Log.SameSiteCookieNotSecure(_logger, keyValuePair.Key); } } } var cookieSuffix = options.CreateCookieHeader(string.Empty, string.Empty).ToString()[1..]; var cookies = new string[keyValuePairs.Length]; var position = 0; foreach (var keyValuePair in keyValuePairs) { var key = _enableCookieNameEncoding ? Uri.EscapeDataString(keyValuePair.Key) : keyValuePair.Key; cookies[position] = string.Concat(key, "=", Uri.EscapeDataString(keyValuePair.Value), cookieSuffix); position++; } // Can't use += as StringValues does not override operator+ // and the implict conversions will cause an incorrect string concat https://github.com/dotnet/runtime/issues/52507 Headers.SetCookie = StringValues.Concat(Headers.SetCookie, cookies); }