使用了 swfupload
IE下一切正常,Firefox下上传正常,但是保存上传信息到数据库的时候发现uploadhandle保存的Session在其他页面里取不到。
调试发现浏览两个不同页面的SessionID都不同,sh*t
速度超快的google浏览器问题同Firefox...
google到问题原因: http://www.swfupload.org/forum/generaldiscussion/383
I want to clarify what I have observed about the Flash Cookie bug.
The Flash Player Plugin for FireFox, Opera and Safari (and probably other non-IE based browsers) has a bug which sends persistent cookies from IE to the upload URL instead of the cookies from the browser. Session only cookies from IE are not sent.
When Flash initializes in the browser its own empty "cookie space" is created. It loads persistent cookies from IE (which you can see in %USERPROFILE%/cookies). In-memory (session) cookies are not loaded.
The cookies from the browser are not loaded in to Flash's cookie space.
Any session cookies created by the upload script are maintained in-memory in Flash's cookies space. New persistant cookies are created on disk (which you can see in %USERPROFILE%/cookies) and will immediately appear in IE. Cookies created in the Flash cookie space will not appear in any of the browser's "view cookie" tools.
All Flash Movies share the same per browser cookie space which is maintained until the browser is closed (i.e., multiple tabs in FireFox will share the same Flash cookie space but FireFox and Safari maintain separate Flash cookie spaces).
I've carefully tested this issue in FireFox 3 and IE 7 on Windows XP Pro with Flash Player 9.0.115. I also did some basic testing in Opera 9.24 and the Safari Beta for Windows. I plan to create a new demo which will demonstrate my findings.
I have not tested this issue on OS X or in Linux.
同时抄来一份解决办法:
Global.asax:
- void Application_BeginRequest(object sender, EventArgs e)
- {
- /* Fix for the Flash Player Cookie bug in Non-IE browsers.
- * Since Flash Player always sends the IE cookies even in FireFox
- * we have to bypass the cookies by sending the values as part of the POST or GET
- * and overwrite the cookies with the passed in values.
- *
- * The theory is that at this point (BeginRequest) the cookies have not been read by
- * the Session and Authentication logic and if we update the cookies here we'll get our
- * Session and Authentication restored correctly
- */
- try
- {
- string session_param_name = "ASPSESSID";
- string session_cookie_name = "ASP.NET_SESSIONID";
- if (HttpContext.Current.Request.Form[session_param_name] != null)
- {
- UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]);
- }
- else if (HttpContext.Current.Request.QueryString[session_param_name] != null)
- {
- UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]);
- }
- }
- catch (Exception)
- {
- Response.StatusCode = 500;
- Response.Write("Error Initializing Session");
- }
- try
- {
- string auth_param_name = "AUTHID";
- string auth_cookie_name = FormsAuthentication.FormsCookieName;
- if (HttpContext.Current.Request.Form[auth_param_name] != null)
- {
- UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]);
- }
- else if (HttpContext.Current.Request.QueryString[auth_param_name] != null)
- {
- UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]);
- }
- }
- catch (Exception)
- {
- Response.StatusCode = 500;
- Response.Write("Error Initializing Forms Authentication");
- }
- }
- void UpdateCookie(string cookie_name, string cookie_value)
- {
- HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
- if (cookie == null)
- {
- cookie = new HttpCookie(cookie_name);
- HttpContext.Current.Request.Cookies.Add(cookie);
- }
- cookie.Value = cookie_value;
- HttpContext.Current.Request.Cookies.Set(cookie);
- }
- swfu = new SWFUpload({
- // Backend Settings
- upload_target_url: "uploadhandle.aspx", // Relative to the SWF file
- post_params : {
- "ASPSESSID" : "<%=Session.SessionID %>"
- },
- ……
2951
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
