Allow CookieContainer to be Serialized/Deserialized
Currently, serialization and deserialization of the CookieContainer doesn't work. The documentation says to use the CookieContainer if one needs to save off HttpOnly cookies. It seems that saving the CookieContainer isn't possible.
"If the server sends HTTPOnly cookies, you should create a System.Net.CookieContainer on the request to hold the cookies, although you will not see or be able to access the cookies that are stored in the container."
While I understand the limitation for the web version of Silverlight (somewhat) this is just pure annoyance on the phone. Hiding HttpOnly cookies makes it impossible to validate that authentication happened successfully in some forms-based authentication scenarios since the cookie count may show 0 cookies returned, even though they were.
Adding serialization to CookieContainer is unlikely to happen for the .NET Framework CookieContainer class. In general, binary serialization for .NET objects is something that is being deprecated over time. In fact, the new .NET Core (CoreFx/CoreCLR) does not support any binary serialization at all.
Most of the serializer such as data contract serialization, XML serialization, JSON.NET, and protobuf-net will be supported in .NET Core. The major exception is binary serialization.
After a decade of servicing, we’ve learned that serialization is incredibly complicated and a huge compatibility burden for the types supporting it. Thus, we made the decision that serialization should be a protocol implemented on top of the available public APIs. However, binary serialization requires intimate knowledge of the types because it allows to serialize object graphs, which includes private state.
marquita horton commented
please enable my cookie sheet, having filing out application on line and on my pc.
Eric StJohn commented
This should be combined with https://wpdev.uservoice.com/forums/110705-dev-platform/suggestions/2278081-allow-cookiecontainer-to-be-serialized-deserialize. They are essentially the same issue. This is a place where Phone is inconsistent with Desktop and Windows Store. It would be great to see this fixed so that the platforms converge.
Ilija Injac commented
Yeah, it's really about time. This is frustrating and very annoying. Would be great to have such a feature!
need to know how to persist the CookieContainer !!
Did you try re-using Response.Cookies for subsequent calls? (by adding it to Request.CoockieCollection)? If you inspect the response cookie, it may not show few cookies, but those cookies are indeed parsed by the framework object, and contained in the Cookies collection. You just need to add it back to subsequent requests.
I agree with you, having an ability to access all of the cookies via code makes our life easier.
Not being able to restore a CookieContainer means re-authenticating after being tomstoned.