Incorrect Cookie Domain AspNetCore 3.0 Linux

Question

I've recently tried moving an ASP.NET core 3.0 application from a windows server to a Linux server. The application shares cookie authentication with another website so the cookie domain needs to be a wildcard to share across the sub-domains i.e. .example.com

This works fine on the Windows server the cookie domain for https://sub.example.com gets set as .example.com

However, when I login on the Linux server the cookie domain for some reason gets set with the sub-domain. For example for https://sub-test.example.com the cookie domain is .sub-test.example.com, which then won't be shared with https://sub.example.com, hence the problem.

I've checked the network tab in the browser and the set-cookie header has "domain=.sub-test.example.com", so I'm convinced it's a server side problem.

In Startup.cs, I have hard coded the domain wildcard I want, it just doesn't get honoured on Linux.

services.ConfigureApplicationCookie(opt =>
{
    opt.Cookie.Domain = ".example.com";
}

Not sure what else I can try.

score 1 · Accepted Answer · answered Mar 25 '20 at 12:25

1

Sounds like an issue with a Reverse Proxy, which is probably overriding the settings you set there. Take a look at the this post: URL Rewrite keeps original host Location when reverse proxy 301 redirects

answered Mar 25 '20 at 12:25

paulslater19

5,869
1
28
25

Thank you so much! Can't believe that this was the issue, glad it's solved :) – Shoejep Mar 25 '20 at 13:03

Incorrect Cookie Domain AspNetCore 3.0 Linux

1 Answers1