Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

New version ( 127.0) is rejecting .Aspnet.Cookies cookie

  • 3 replies
  • 0 have this problem
  • 1 view
  • Last reply by TyDraniu

slawomir.lewinski
slawomir.lewinski
more options

I maintain application that uses OWIN Microsoft library for authentication. It uses .AspNet.Cookies to pass auth information. For unknown reasons I see that Firefox 127 rejects that cookie. I've tried with SameSite Lax/None/Strict and Secure param but no results. Previous versions and other browsers ( Chrome, Edge Safari ) woks fine. Any idea ?

I maintain application that uses OWIN Microsoft library for authentication. It uses .AspNet.Cookies to pass auth information. For unknown reasons I see that Firefox 127 rejects that cookie. I've tried with SameSite Lax/None/Strict and Secure param but no results. Previous versions and other browsers ( Chrome, Edge Safari ) woks fine. Any idea ?

All Replies (3)

TyDraniu
TyDraniu
  • Top 10 Contributor
more options

Can it be something with case sensivity? We treat cookie name prefixes in a case-insensitive manner since Fx127.

Try to use mozregression to find responsible pull request.

Modified by TyDraniu

Helpful?

TyDraniu
TyDraniu
  • Top 10 Contributor
more options

Check out Bug 1892748 - Reject most control characters in cookie attributes, resolved in 127.

Helpful?

TyDraniu
TyDraniu
  • Top 10 Contributor
more options

Please try also version 127.0.1 with bug 1901325 fixed.

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.