This project has moved. For the latest updates, please go here.

Facebook Login Error

IFormCollection form = WebHelpers.ParseForm(text); (line 89) is causing an error Hunch is facebook changed their api to send back Json format today! Changed it to use JsonObject instead

Id #491 | Release: None | Updated: Mar 31 at 7:28 PM by alt24 | Created: Mar 28 at 10:36 AM by Wickstargazer

SystemWebCookieManager issue

There is a documentation page System.Web response cookie integration issues that proposes to use SystemWebCookieManager as a workaround. However, SystemWebCookieManager has a major issue. How to...

Id #490 | Release: None | Updated: Mar 23 at 4:46 PM by Tratcher | Created: Mar 8 at 5:05 PM by DanAmir

switching to OWIN pipeline changes resolution of Response.StatusCode visible to Formatter

We have built a custom formatter that will execute certain logic when the response's status code is 200 versus when it's any other value. This has been working fine up until the point we converte...

Id #486 | Release: None | Updated: Jan 31 at 2:04 PM by topramnik | Created: Jan 30 at 8:56 PM by kwarnkepcty

DefaultLoader.SearchForStartupAttribute should be tolerant to unrelated errors.

When I've added Microsoft.Owin.Host.SystemWeb to an existing Asp.Net Web Forms project(to use Azure Active Directory Authentication), I've got [FileNotFoundException: Could not load file or assemb...

Id #483 | Release: None | Updated: Jan 23 at 10:54 PM by Tratcher | Created: Jan 22 at 5:52 AM by mfreidge

ReadFormAsync breaks when field name contains quotes

I'm submitting a form via Chrome to an OWIN backend. I'm attempting to use IOwinRequest.ReadFormAsync() to parse the multipart form data, but the data I'm getting back from the function is not pars...

Id #479 | Release: None | Updated: Dec 12, 2016 at 8:03 PM by bricketts | Created: Dec 12, 2016 at 8:00 PM by bricketts

DefaultFilesMiddleware: check for trailing slash does not work any more

The current implementation contains the check if (!Helpers.PathEndsInSlash(context.Request.Path)) { context.Response.StatusCode = 301; context.Response.Headers[Constants.Location] = context.Req...

Id #476 | Release: None | Updated: Nov 9, 2016 at 12:20 PM by Ritzlgrmft | Created: Nov 9, 2016 at 12:20 PM by Ritzlgrmft

CorsMiddleware: CorsResult.ErrorMessages not used

Method HandleCorsRequestAsync in CorsMiddleware calls TryEvaluateCorsPolicy which if an origin is not allowed the CorsEngine will add an error to CorsResult.ErrorMessages collection which also make...

Id #469 | Release: None | Updated: Sep 15, 2016 at 9:12 PM by Tratcher | Created: Sep 12, 2016 at 8:46 PM by JoLu1977

OAuthBearerAuthenticationHandler Validates Token Expiry After JwtSecurityTokenHandler

JwtSecuritTokenHandler has a ValidateToken(...) method which performs all of the core token validation - signature, issuer, replay detection, lifetime, audience. If validation fails you get an exce...

Id #466 | Release: None | Updated: Aug 7, 2016 at 9:14 PM by philco | Created: Aug 7, 2016 at 9:12 PM by philco

URI component encoding issue in query path

Hello! There is a bug in how Katana handles encoding when building a Uri in OwinRequest. The resource path delimiters "(" and ")" are encoded which violates RFC 3986. Please see section 3.3. This...

Id #462 | Release: None | Updated: Jun 28, 2016 at 6:37 AM by jstachowiak | Created: Jun 26, 2016 at 10:59 PM by jstachowiak

SystemClock implementation is not monotonic

The current SystemClock implementation has an observable discrepancy where a later call to SystemClock.UtcNow produces an earlier timestamp. The current implementation: // the clock measures whole...

Id #460 | Release: None | Updated: Jun 9, 2016 at 9:54 PM by Tratcher | Created: Jun 8, 2016 at 10:35 AM by BachratyGergely