Not able to read cookie value with more specific path in .NET Core/5.0?

[SoftCircuits]

It appears HttpCookie has been completely removed in .NET Core/5.0.

Moreover, if two cookies have the same name but different paths (let's say one path is /Folder and one path is /Folder/Subfolder), it seems to return the value for the cookie with the shorter path. This appears to run counter to at least the spirit put forth in RFC 6265, which in section 5.4, subsection 2 states:

The user agent SHOULD sort the cookie-list in the following order:

Cookies with longer paths are listed before cookies with shorter paths.
NOTE: Not all user agents sort the cookie-list in this order, but this order reflects common practice when this document was written, and, historically, there have been servers that (erroneously) depended on this order.

In my case, I am storing cookies using the path of the current page. But I just moved a page from /Folder to /Folder/Subfolder. And, because users will have cookies stored in the shorter path, .NET now provides no means for accessing the value with the more specific path. My code is broken and I don't see any workaround.

Shouldn't Request.Cookies[key] at least return the first matching value?

I just don't get the thinking behind the removal of this feature.

[Tratcher]

It appears HttpCookie has been completely removed in .NET Core/5.0.

Note HttpCookie was a .NET Framework 4.x System.Web API. The closest equivalent in ASP.NET Core is CookieOptions, and it only applies to response cookies.

Moreover, if two cookies have the same name but different paths (let's say one path is /Folder and one path is /Folder/Subfolder), it seems to return the value for the cookie with the shorter path.

This behavior is implemented by the client/browser, not by the server. Moving to ASP.NET Core shouldn't have affected it.

Do you have a repro of this working in ASP.NET 4.x and one where it doesn't work in ASP.NET Core 5.0?

[SoftCircuits]

Well, an HttpCookie can have multiple values, but maybe I'm wrong about it storing multiple values for cookies with the same name.

But I verified the cookie with the more specific path is being returned first (per the RFC spec). I really think Request.Cookies[key] should return the first cookie value with that key, instead of the last one, as it is how.

[Tratcher]

It's still not clear if the client actually sent multiple values. Can you check the Cookie header to see if there are multiple values present? HttpContext.Request.Headers[HeaderNames.Cookie] What does that output look like?

[SoftCircuits]

It's still not clear if the client actually sent multiple values. Can you check the Cookie header to see if there are multiple values present? HttpContext.Request.Headers[HeaderNames.Cookie] What does that output look like?

I've since deleted the extra cookie. But I can say with 100% confidence that it did have two. I spent quite a bit of time looking at this. In my case, the cookie name was DateFilterId. And I confirmed that the one with the longer path came before the one with the shorter path. Yet the value returned by Request.Cookies["DateFilterId"] was the second value.