Cookies during error handling

[Marty McDonald]

In global.asax we handle the application error event by gathering
exception info & putting it into a cookie. Then asp.net automatically
directs the user to our error page, where we use the cookie to show
descriptive error info. Our error page also deletes the cookie like
this...
//Remove cookie from response buffer, so deletion is effective server-
side.
if (context.Response.Cookies[cookieName] != null)
{
context.Response.Cookies.Remove(cookieName);
}

//Send an expired cookie to the client, to force deletion client-side.
if (context.Request.Cookies[cookieName] != null)
{
HttpCookie expiredCookie = new HttpCookie(cookieName);
expiredCookie.Expires = DateTime.Now.AddDays(-1d);
context.Response.Cookies.Add(expiredCookie);
}

Yet when the user navigates back to the app start page, the error
cookie is still present, which causes our app problems (if the error
cookie is present, our app skips certain logic). This is the code
that gets executed after the cookies are supposedly deleted as the
user is navigating away from the error page and to the app start
page...

public void Application_AuthenticateRequest(Object s, EventArgs e)
{
HttpCookie cookie = Request.Cookies["DiagnosticMessage"];
if (cookie != null) <====== The cookie is present here.
{
return;
}

Why would the cookie still be present? Thanks

 

[Marty McDonald]

In global.asax we handle the application error event by gathering
exception info & putting it into a cookie.  Then asp.net automatically
directs the user to our error page, where we use the cookie to show
descriptive error info.  Our error page also deletes the cookie like
this...
//Remove cookie from response buffer, so deletion is effective server-
side.
if (context.Response.Cookies[cookieName] != null)
{
    context.Response.Cookies.Remove(cookieName);

}

//Send an expired cookie to the client, to force deletion client-side.
if (context.Request.Cookies[cookieName] != null)
{
    HttpCookie expiredCookie = new HttpCookie(cookieName);
    expiredCookie.Expires = DateTime.Now.AddDays(-1d);
    context.Response.Cookies.Add(expiredCookie);

}

Yet when the user navigates back to the app start page, the error
cookie is still present, which causes our app problems (if the error
cookie is present, our app skips certain logic).  This is the code
that gets executed after the cookies are supposedly deleted as the
user is navigating away from the error page and to the app start
page...

public void Application_AuthenticateRequest(Object s, EventArgs e)
{
    HttpCookie cookie = Request.Cookies["DiagnosticMessage"];
    if (cookie != null)  <====== The cookie is present here.
    {
        return;
    }

Why would the cookie still be present?  Thanks

We found the cause. Our error page set the cookie's expiration to
"yesterday" as it should have. But then it did this...
Response.Cookies.Clear();
....which I believe clears the expired cookie before it ever gets a
chance to be sent to the client. So the only cookie on the client was
the non-expired one.
Our solution was to get rid of the Response.Cookies.Clear() line.