microsoft-identity-web icon indicating copy to clipboard operation
microsoft-identity-web copied to clipboard
verified publisher icon AzureAD

Input string was not in a correct format exception in method IsChromiumVersionAtLeast

Open SlavaDnepr opened this issue 3 years ago • 0 comments

Microsoft.Identity.Web Library

Microsoft.Identity.Web

Microsoft.Identity.Web version

1.25.1

Web app

Sign-in users

Web API

Protected web APIs (validating tokens)

Token cache serialization

Not Applicable

Description

Incorrect Regexp in IsChromiumVersionAtLeast "Chrom[^ /]+/(\d+)[.\d]* " Corrected regexp "Chrom[^ /]+/(\d+)[.\d]*" It means Chrome can be only last in row For some user agent string it is not true For example "Mozilla/5.0 Windows NT 10.0 Win64 AppleWebKit/537.36 Chrome/69.0.3497.100"

Reproduction steps

in Startup.cs added next code services.Configure<CookiePolicyOptions>(options => { options.HandleSameSiteCookieCompatibility(); }); Try to open web application with userAgent: "Mozilla/5.0 Windows NT 10.0 Win64 AppleWebKit/537.36 Chrome/69.0.3497.100"

Error message

Input string was not in a correct format.

System.Number.ThrowOverflowOrFormatException(ParsingStatus status, TypeCode type) at System.Convert.ToInt32(String value, IFormatProvider provider) at Microsoft.Identity.Web.CookiePolicyOptionsExtensions.<DisallowsSameSiteNone>g__IsChromiumVersionAtLeast|3_7(Int32 major, <>c__DisplayClass3_0& ) at Microsoft.Identity.Web.CookiePolicyOptionsExtensions.<DisallowsSameSiteNone>g__DropsUnrecognizedSameSiteCookies|3_1(<>c__DisplayClass3_0& ) at Microsoft.Identity.Web.CookiePolicyOptionsExtensions.DisallowsSameSiteNone(String userAgent)

Id Web logs

No response

Relevant code snippets

public static bool IsChromiumVersionAtLeastOriginal(string userAgent, int major)
        {
            string regex = @"Chrom[^ \/]+\/(\d+)[\.\d]* ";

            // Extract digits from first capturing group.
            Match match = Regex.Match(userAgent, regex);
            int version = Convert.ToInt32(match.Groups[1].Value, CultureInfo.CurrentCulture);
            return version >= major;
        }

        [TestCase("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36")]
        [TestCase("Mozilla/5.0 Windows NT 10.0 Win64 AppleWebKit/537.36 Chrome/69.0.3497.100")]
        public void ChromiumVersionIssueOriginalTest(string userAgent)
        {
            Assert.DoesNotThrow(() => CookiePolicyOptionsExtensions.IsChromiumVersionAtLeastOriginal(userAgent, 51));
        }

Regression

No response

Expected behavior

No exception thrown ChromiumVersionIssue.zip

SlavaDnepr avatar Jul 18 '22 12:07 SlavaDnepr