This repository was archived by the owner on Dec 18, 2018. It is now read-only.
This repository was archived by the owner on Dec 18, 2018. It is now read-only.
Cookies with non-ASCII causing all endpoints to give status code 400 #1076
Description
Hi everyone,
I'm working on a AspNetCore project and I have run into a odd problem.
When I send cookies to Kestrel where the value of a cookie contains "æ" (a danish character) then the request will return a status code 400 and never reach my controller (used debugger).
With debugging level "Error" nothing is printed to the Kestrel console but if I change debugging level to "Information" I get the following information exception messsage:
Connection id "0HKUIAF77PQFU" bad request data: "The input string contains non-ASCII or null characters."
Microsoft.AspNetCore.Server.Kestrel.BadHttpRequestException: The input string contains non-ASCII or null characters.
at Microsoft.AspNetCore.Server.Kestrel.Internal.Infrastructure.MemoryPoolIteratorExtensions.GetAsciiString(MemoryPoolIterator start, MemoryPoolIterator end)
at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.Frame.TakeMessageHeaders(SocketInput input, FrameRequestHeaders requestHeaders)
at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.Frame`1.<RequestProcessingAsync>d__2.MoveNext()
warn: Microsoft.AspNetCore.Server.Kestrel[0]
Connection processing ended abnormally
Microsoft.AspNetCore.Server.Kestrel.BadHttpRequestException: The input string contains non-ASCII or null characters.
at Microsoft.AspNetCore.Server.Kestrel.Internal.Infrastructure.MemoryPoolIteratorExtensions.GetAsciiString(MemoryPoolIterator start, MemoryPoolIterator end)
at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.Frame.TakeMessageHeaders(SocketInput input, FrameRequestHeaders requestHeaders)
at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.Frame`1.<RequestProcessingAsync>d__2.MoveNext()
The main problem is that the project we are working on is original a .NET 4.5 project so we can't just use "ae" instead (The cookie is set with clientside tracking).
If you need some more information to reproduce this just let me know.
Best regards Martin