SWFUpload 302

源自： http://hi.baidu.com/whwf2008/blog/item/109f9a1fb6770be7e0fe0b86.html

关于 SWFUpload 在firefox (ff,火狐)下，报错 302,session,cookie

swfupload是flash采用socket和服务端进行通信了，所以服务端的session值或cookie值在这时候是捕获不到了。在默认的情况下ie是不存在获取不到seesion或cookie值的，然而对于firefox或chrome在dotnet环境下都是不能获取session和cookie值的。        通过 Global.asax 文件你可以覆盖丢失的Session ID cookie,代码如下（引用官方解决方案）： void Application_BeginRequest(object sender, EventArgs e) { /* Fix for the Flash Player Cookie bug in Non-IE browsers. * Since Flash Player always sends the IE cookies even in FireFox * we have to bypass the cookies by sending the values as part of the POST or GET * and overwrite the cookies with the passed in values. * * The theory is that at this point (BeginRequest) the cookies have not been ready by * the Session and Authentication logic and if we update the cookies here we'll get our * Session and Authentication restored correctly */ try { string session_param_name = "ASPSESSID"; string session_cookie_name = "ASP.NET_SESSIONID"; if (HttpContext.Current.Request.Form[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]); } else if (HttpContext.Current.Request.QueryString[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]); } } catch (Exception) { } try { string auth_param_name = "AUTHID"; string auth_cookie_name = FormsAuthentication.FormsCookieName; if (HttpContext.Current.Request.Form[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]); } else if (HttpContext.Current.Request.QueryString[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]); } } catch (Exception) { } } void UpdateCookie(string cookie_name, string cookie_value) { HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name); if (cookie == null) { HttpCookie cookie1 = new HttpCookie(cookie_name, cookie_value); Response.Cookies.Add(cookie1); } else { cookie.Value = cookie_value; HttpContext.Current.Request.Cookies.Set(cookie); } } Explaination: This code checks your POST (form) and GET (querystring) for a Session ID. If it finds one then it overrides the session cookie with the value from your POST/GET. Then later when the session is restored the overridden session is what you get (instead of IE's session or a brand new session which was what the bug was causing to happen). The same sort of thing is done for the Forms Auth cookie, but I didn't actually go back and look at Forms Auth to see how it works to make sure this would work. And I didn't set the Forms Auth bit so it might not even work. You just need to include a post_param in your SWFUpload page that passes in the session id. Something like: var swfu = new SWFUpload({ /* lots of settings */ post_params : { /* other post params */ "ASPSESSID" : "<%=Session.SessionID %>" } /* lots more settings */ }); Note: The overriding of the Forms Authentication cookie has not been tested but I think it should still work. Someone will have to let me know. P.S. & Security Warning: Don't just copy and paste this code in to your ASP.Net application without knowing what you are doing. It introduces security issues and possibilities of Cross-site Scripting.

 

转载于:https://www.cnblogs.com/Kasablanca/archive/2011/01/05/1926362.html