Last post Jan 30, 2019 04:30 AM by coreysan
Jan 02, 2019 01:46 AM|coreysan|LINK
I started learning MVC Core 2, and cookies were already enabled on my work computer.
Then I copied my project to my home computer with the same version of VS 2017,
but cookies were not enabled. I don't know why.
The only thing I could do was set this line to false in the startup:
options.CheckConsentNeeded = context => false;
I have no idea why I had to do this to get my project (using a shopping cart) to work.
What is the proper way to set up a project with cookies enabled?
Jan 02, 2019 09:52 AM|PatriceSc|LINK
You mean not enabled in the browser ? You can't force this on your side, this is entirely under user control.
You could test which level of support you have (persistent vs non persistent cookies) and based on that either ask the user to enable them or skip the enhancements it brings to your app.
You are using persistent cookies for your shopping cart ?
Jan 02, 2019 04:55 PM|jimap_1|LINK
based on that either ask the user to enable them or skip the enhancements it brings to your app.
If it's a site (application) that requires login (banking, shop, etc) asking the user to enable cookies does not make sense.
It's required. Where is there a better explanation of:
options.Cookie.HttpOnly = true; //vs false
Jan 03, 2019 05:45 PM|coreysan|LINK
Jan 03, 2019 07:27 PM|PatriceSc|LINK
What means "stopped" or "error out" ? Do you mean you have an error message on this line ? If yes you should just always post which error message you have so that others can know for sure which error message you have rather than trying
Jan 03, 2019 08:56 PM|coreysan|LINK
Jan 04, 2019 04:23 PM|coreysan|LINK
Jan 04, 2019 04:57 PM|PatriceSc|LINK
This is to ask the user for his consent in using cookies which is required by an European law. See https://docs.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-2.2
I was wondering earlier if your shopping cart is using cookies or not.
Jan 04, 2019 09:39 PM|coreysan|LINK
Jan 05, 2019 12:38 AM|jimap_1|LINK
Cookies are still required if a login is required so why would I have to ask.
I am sorry, but it's hard to follow something that doesn't make sense.
Jan 07, 2019 04:22 AM|coreysan|LINK
I ask because in my experience with this project, I never logged in, nor was I asked to log in. I simply ran the project, no login, chose product,
added to cart, and it stopped at that line. On my computer at work, it was never an issue. I assume at some point early on I probably said yes to
cookies, but when I tried to run it at home, it became an issue without logging in.
There are lots of websites that allow purchasing as a guest, and I was testing to see how the code would run as a guest. I understand better now what
the line is for, but now I don't know what to do if an end-user wants to order as a guest. Should I just set it to false and keep it that way?
Jan 20, 2019 03:06 AM|nsuchy|LINK
Hey coreysan. The system you reference options.CheckConsentNeeded = context => false; only determines if cookie consent is required before allowing usage of cookies. This system integrated into asp.net core makes it easier for software
engineers to comply with a European law, unlike some of the banners, cookies do not function until consent is granted. Setting to true or false only determines if the banner is rendered and the user is asked for cookie consent. If you do not believe Europe's
cookie law applies to you (please check with your lawyer, we're software engineers, not lawyers) you're free to disable it with the workaround you showed above. Likewise while the system is enabled, access to cookies is disabled until consent for cookies is
Jan 24, 2019 05:01 AM|coreysan|LINK
Thank you very much for your clear explanation. So now I understand the purpose of the statement, but I'm still puzzled
about the behavior of my project when CheckConsentNeeded = true. (I'd prefer to keep it set to true).
I expect my browser to ask me to accept cookies or not, but it never does. I can accept or deny cookies in the browser's options/Security area,
but I just never get asked to accept or not. I'm puzzled why the browser (Firefox, in my case) never, ever asks about cookies. I've deliberately monkeyed
with the settings in the browser, but no matter what I do, I will just never get asked.
The consentneeded value does affect whether I can add items to my cart, and that's important, but I thought the whole idea of the line was to
prompt me for acceptance of cookies. It just doesn't.
Jan 29, 2019 09:12 AM|Sherry Chen|LINK
Hi coreysan ,
Check the _CookieConsentPartial.cshtml partial view for your cookie message, from which CSS class names and accessibility-friendly role attributes have been removed for brevity in the snippet below. For Razor Pages , this file should be in the /Pages/Shared/
folder by default. For MVC, this file should be in the /Views/Shared/ folder by default.
To use the partial view in your application, simply insert it into the _Layout.cshtml page that is used by all your pages. The partial view can be inserted above the call to RenderBody () . You could refer to Cookies
and Consent in ASP .NET Core .
Best Regards ,
Jan 30, 2019 04:30 AM|coreysan|LINK
Sherry - thanks so much for your advice. I admit I'm very puzzled, and I apologize for not getting this.
I have always had the CookieConsentPartial partial view in my project (in Views/Shared), about 2 lines above the RenderBody() instruction of _Layout.cshtml.
I read through the code, and I've never seen the consent banner. That's why I'm so puzzled.
I just don't ever get asked to accept cookies under any circumstance, even though all the code is present.
I could try writing a small MVC project, just enough to see if anything changes.
Any further thoughts?