Error Headers are read-only, response has already started .net 8 blazor

[MahdiElahi]

Hi, the login page is refreshed because of this i change render mode to InteractiveServer to disable reload page when click submit in login form

but when run this code : var result = await SignInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);

i have this error Headers are read-only, response has already started

my project is Blazor Web App (Auto Interactivity)

you can test login in my project 1.register new user 2.click on confirm email 3.login

ForumProject.zip

what's is problem ?

[javiercn]

@MahdiElahi thanks for contacting us.

The Identity pages require access to the underlying HttpContext and only work in SSR mode. They don't work in interactive mode.

[javiercn]

@MahdiElahi Please provide your repro as a public github repository, otherwise we can't look at it.

[ghost]

Hi @MahdiElahi. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.

[MahdiElahi]

@javiercn Thanks

you can see my project is git. it's bad identity just worked in ssr mode. i want worked identity page without reload page and use interactive modes(wasm / server / auto ) how to do it ? my repo

[javiercn]

i want worked identity page without reload page and use interactive modes(wasm / server / auto ) how to do it ?

This is not something that we provide out of the box. You'll have to create your own implementation using the new identity endpoints.

[MahdiElahi]

@javiercn it's means in register/ login / changepassword / ...(all pages use identity and Http Context ) we must use ssr mode how to do it ? please show an example that use without ssr mode or another way?

[3x0dv5]

I was having a similar problem. In my case the problem was caused by @rendermode="InteractiveServer" in the HeadOutlet and Routes. Strangely when I had this in there I was getting the cookies error.

    <HeadOutlet @rendermode="InteractiveServer"/>
</head>

<body>
<Routes @rendermode="InteractiveServer"/>

I really have to read a bit more about these render modes, my knowledge is lacking.

@MahdiElahi I checked your ForumProject and made a couple of changes, now it is working Here is a pull request: https://github.com/MahdiElahi/AuthProject_Blazor8/pull/1

Hope this helps/

[kallebysantos]

Same issue when using @attribute [StreamRendering] inside a SSR page without interactivity

System.InvalidOperationException: Headers are read-only, response has already started.
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpHeaders.ThrowHeadersReadOnlyException()
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpResponseHeaders.Microsoft.AspNetCore.Http.IHeaderDictionary.set_SetCookie(StringValues value)
   at Microsoft.AspNetCore.Http.ResponseCookies.Append(String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.ChunkingCookieManager.AppendResponseCookie(HttpContext context, String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler.HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationService.SignInAsync(HttpContext context, String scheme, ClaimsPrincipal principal, AuthenticationProperties properties)
   at DGAV.Candidatos.Web.Services.AuthenticationManager.SignInWithClaimsAsync(List`1 claims, AuthenticationProperties properties) in C:\ProjectsTFS\DGAF\DGAVCandidatos\DGAV.Candidatos.Web\Services\AuthenticationManager.cs:line 205
   at DGAV.Candidatos.Web.Services.AuthenticationManager.SignInAsync(UserInfo userInfo, Nullable`1 expires) in C:\ProjectsTFS\DGAF\DGAVCandidatos\DGAV.Candidatos.Web\Services\AuthenticationManager.cs:line 191
   at DGAV.Candidatos.Web.Services.AuthenticationManager.GenerateSignInCodeWithTaxNumber(String taxNumber) in C:\ProjectsTFS\DGAF\DGAVCandidatos\DGAV.Candidatos.Web\Services\AuthenticationManager.cs:line 146
   at DGAV.Candidatos.Web.Components.Pages.Authentication.TaxNumberSignIn.HandleSignIn() in C:\ProjectsTFS\DGAF\DGAVCandidatos\DGAV.Candidatos.Web\Components\Pages\Authentication\TaxNumberSignIn.razor:line 85
   at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)
   at Microsoft.AspNetCore.Components.Forms.EditForm.HandleSubmitAsync()
   at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle, ComponentState owningComponentState)
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle, ComponentState owningComponentState)
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.<WaitForQuiescence>g__ProcessAsynchronousWork|54_0()
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.WaitForQuiescence()
   at Microsoft.AspNetCore.Components.Endpoints.EndpointHtmlRenderer.SendStreamingUpdatesAsync(HttpContext httpContext, Task untilTaskCompleted, TextWriter writer)

[devnuwan]

stile I have this issue

[vukasinpetrovic]

Did anyone figure out how to create interactive login page? It is espectially useful if we are connecting to existing/external API that uses JWT Bearer token. After httpClient calls the API, we need a way to securely persist the token and use it for further calls.

[Woudjee]

So if I understand correctly, you cannot do this when the rendermode is InteractiveServer? Why is that? I also have an account registration process where this option would be highly valueable.