Keep ResponseCookie options on delete. (#905)

2017-08-10 18:01:30 -07:00 · 2017-08-10 18:01:30 -07:00 · 594f55947f
parent 5ec8a7134e
commit 594f55947f
2 changed files with 33 additions and 0 deletions
--- a/src/Microsoft.AspNetCore.Http/Internal/ResponseCookies.cs
+++ b/src/Microsoft.AspNetCore.Http/Internal/ResponseCookies.cs
@ -129,6 +129,9 @@ namespace Microsoft.AspNetCore.Http.Internal
                Path = options.Path,
                Domain = options.Domain,
                Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc),
+                Secure = options.Secure,
+                HttpOnly = options.HttpOnly,
+                SameSite = options.SameSite
            });
        }
    }
--- a/test/Microsoft.AspNetCore.Http.Tests/ResponseCookiesTest.cs
+++ b/test/Microsoft.AspNetCore.Http.Tests/ResponseCookiesTest.cs
@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

+using System;
 using System.Text;
 using Microsoft.AspNetCore.Http.Internal;
 using Microsoft.Extensions.ObjectPool;
@ -27,6 +28,35 @@ namespace Microsoft.AspNetCore.Http.Tests
            Assert.Contains("expires=Thu, 01 Jan 1970 00:00:00 GMT", cookieHeaderValues[0]);
        }

+        [Fact]
+        public void DeleteCookieWithCookieOptionsShouldKeepPropertiesOfCookieOptions()
+        {
+            var headers = new HeaderDictionary();
+            var cookies = new ResponseCookies(headers, null);
+            var testcookie = "TestCookie";
+            var time = new DateTimeOffset(2000, 1, 1, 1, 1, 1, 1, TimeSpan.Zero);
+            var options = new CookieOptions
+            {
+                Secure = true,
+                HttpOnly = true,
+                Path = "/",
+                Expires = time,
+                Domain = "example.com",
+                SameSite = SameSiteMode.Lax
+            };
+
+            cookies.Delete(testcookie, options);
+
+            var cookieHeaderValues = headers[HeaderNames.SetCookie];
+            Assert.Equal(1, cookieHeaderValues.Count);
+            Assert.StartsWith(testcookie, cookieHeaderValues[0]);
+            Assert.Contains("path=/", cookieHeaderValues[0]);
+            Assert.Contains("expires=Thu, 01 Jan 1970 00:00:00 GMT", cookieHeaderValues[0]);
+            Assert.Contains("secure", cookieHeaderValues[0]);
+            Assert.Contains("httponly", cookieHeaderValues[0]);
+            Assert.Contains("samesite", cookieHeaderValues[0]);
+        }
+
        [Fact]
        public void NoParamsDeleteRemovesCookieCreatedByAdd()
        {