我正在使用 cookie 进行表单身份验证的 .net 网站上工作，我想添加另一个安全 cookie 来保存访问和刷新令牌。正在将 cookie 添加到Response.Cookies并且一切似乎都很好。我使用 fiddler 检查响应标头以确保Set-Cookie设置了标头。

HTTP/1.1 302 Found

Cache-Control: no-cache, no-store

Pragma: no-cache

Content-Type: text/html; charset=utf-8

Expires: -1

Location: /

Set-Cookie: 

    TestTokenCookie=(truncated for brevity); 

    domain=local.foobar.com; 

    expires=Sun, 18-Nov-2018 14:42:56 GMT;

    path=/

X-Frame-Options: SAMEORIGIN

X-UA-Compatible: IE=Edge,chrome=1

Date: Mon, 20 Aug 2018 13:42:59 GMT

Content-Length: 118

响应看起来正确，但浏览器中没有出现 cookie。我正在使用 Edit This Cookie chrome 扩展程序来查看已设置的 cookie。这是我使用的设置 cookie 的代码。

public void CreateTokenCookie(TokenCookieData tokenCookieData, HttpContextBase currentContext, bool createPersistentTicket = true)

{

    var ticket = new FormsAuthenticationTicket(1,

        tokenCookieData.Username,

        DateTime.Now,

        DateTime.Now.AddDays(90),

        createPersistentTicket,

        tokenCookieData.ToString());

    CreateCookieFromTicket(ticket, TOKEN_COOKIE_NAME, true, currentContext);

}

private void CreateCookieFromTicket(FormsAuthenticationTicket ticket, string cookieName, bool httpOnly, HttpContextBase currentContext)

{

    var encryptedTicket = FormsAuthentication.Encrypt(ticket);

    var cookie = new HttpCookie(cookieName, encryptedTicket)

    {

        HttpOnly = httpOnly,

        Secure = FormsAuthentication.RequireSSL,

        Path = FormsAuthentication.FormsCookiePath,

        Expires = ticket.Expiration

    };

    var domain = GetCookieDomain();

    if (domain != null)

    {

        cookie.Domain = domain;

    }

    if (currentContext.Response.Cookies[cookieName] != null)

    {

        currentContext.Response.Cookies.Remove(cookieName);

    }

    currentContext.Response.Cookies.Add(cookie);

}

任何想法为什么没有在浏览器中设置 cookie？