The dangers of too many cookies on a website

Sometimes, when browsing Microsoft’s sites, you can run into some weird errors – likeĀ Bad Request – Request too long or sometimes evenĀ Connection refused. These errors are mostly caused by cookies. In this article, I am going to show you the most common causes and also tips on how to avoid these issues on your sites.

Continue reading “The dangers of too many cookies on a website”

Cookie size and cookie authentication in ASP.NET Core

When I was writing a web application with ASP.NET Core with Azure AD and Microsoft Graph, I ran into a very interesting issue – the identity cookies would get really large (8 kB or more in chunked authentication cookies) and therefore all the requests to the site would contain this much data in headers. This was bearable because it just “worked” but then I tried accessing the site from Safari on a MacBook or an iPhone and the server would return errors when trying to rebuild the user’s identity.

Continue reading “Cookie size and cookie authentication in ASP.NET Core”