Flash Cookie Bug
来源:互联网 发布:cassandra数据库简介 编辑:程序博客网 时间:2024/06/02 02:04
使用了swfupload
IE下一切正常,Firefox下上传正常,但是保存上传信息到数据库的时候发现uploadhandle保存的Session在其他页面里取不到。
调试发现浏览两个不同页面的SessionID都不同,sh*t
速度超快的google浏览器问题同Firefox...
google到问题原因:http://www.swfupload.org/forum/generaldiscussion/383
I want to clarify what I have observed about the Flash Cookie bug.
The Flash Player Plugin for FireFox, Opera and Safari (and probably other non-IE based browsers) has a bug which sends persistent cookies from IE to the upload URL instead of the cookies from the browser. Session only cookies from IE are not sent.
When Flash initializes in the browser its own empty "cookie space"is created. It loads persistent cookies from IE (which you can see in%USERPROFILE%/cookies). In-memory (session) cookies are not loaded.
The cookies from the browser are not loaded in to Flash's cookie space.
Any session cookies created by the upload script are maintainedin-memory in Flash's cookies space. New persistant cookies are createdon disk (which you can see in %USERPROFILE%/cookies) and willimmediately appear in IE. Cookies created in the Flash cookie spacewill not appear in any of the browser's "view cookie" tools.
All Flash Movies share the same per browser cookie space which ismaintained until the browser is closed (i.e., multiple tabs in FireFoxwill share the same Flash cookie space but FireFox and Safari maintainseparate Flash cookie spaces).
I've carefully tested this issue in FireFox 3 and IE 7 on Windows XPPro with Flash Player 9.0.115. I also did some basic testing in Opera9.24 and the Safari Beta for Windows. I plan to create a new demo whichwill demonstrate my findings.
I have not tested this issue on OS X or in Linux.
同时抄来一份解决办法:
Global.asax:
- void Application_BeginRequest(object sender, EventArgs e)
- {
- /* Fix for the Flash Player Cookie bug in Non-IE browsers.
- * Since Flash Player always sends the IE cookies even in FireFox
- * we have to bypass the cookies by sending the values as part of the POST or GET
- * and overwrite the cookies with the passed in values.
- *
- * The theory is that at this point (BeginRequest) the cookies have not been read by
- * the Session and Authentication logic and if we update the cookies here we'll get our
- * Session and Authentication restored correctly
- */
- try
- {
- string session_param_name = "ASPSESSID";
- string session_cookie_name = "ASP.NET_SESSIONID";
- if (HttpContext.Current.Request.Form[session_param_name] != null)
- {
- UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]);
- }
- else if (HttpContext.Current.Request.QueryString[session_param_name] != null)
- {
- UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]);
- }
- }
- catch (Exception)
- {
- Response.StatusCode = 500;
- Response.Write("Error Initializing Session");
- }
- try
- {
- string auth_param_name = "AUTHID";
- string auth_cookie_name = FormsAuthentication.FormsCookieName;
- if (HttpContext.Current.Request.Form[auth_param_name] != null)
- {
- UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]);
- }
- else if (HttpContext.Current.Request.QueryString[auth_param_name] != null)
- {
- UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]);
- }
- }
- catch (Exception)
- {
- Response.StatusCode = 500;
- Response.Write("Error Initializing Forms Authentication");
- }
- }
- void UpdateCookie(string cookie_name, string cookie_value)
- {
- HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
- if (cookie == null)
- {
- cookie = new HttpCookie(cookie_name);
- HttpContext.Current.Request.Cookies.Add(cookie);
- }
- cookie.Value = cookie_value;
- HttpContext.Current.Request.Cookies.Set(cookie);
- }
- swfu = new SWFUpload({
- // Backend Settings
- upload_target_url: "uploadhandle.aspx", // Relative to the SWF file
- post_params : {
- "ASPSESSID" : "<%=Session.SessionID %>"
- },
- ……
- Flash Cookie Bug
- Flash cookie
- http cookie、flash cookie、evercookie
- HttpWebRequest Cookie Bug 解决之道
- Flash读写cookie
- Flash读取cookie[转]
- chrome 的 flash cookie
- Flash读写cookie
- Flash,as3 Bug集
- 小心swfupload 的cookie Bug
- Flex Shared Object flash cookie
- Flash Cookie用于计算机取证
- Flash Cookie用于计算机取证
- Flash+Player+11+Array+Bug
- 修改电视flash bug心得
- Flash,一次Bug的思考
- flash bug 点击链接无效
- Flash Cookie【使用Flash Cookie技术在客户端永久保存HTTP Cookie 】(一)
- Tools:使用oradim恢复windows上的数据库
- 关于Weblogic GBK/GB2312/UTF-8乱码的问题
- mssql命令行下工具isql参数说明
- windows证书的导出
- listview项增加processbar并操作 只供学习 mark、
- Flash Cookie Bug
- wchar_t类型的实质
- 《Squid 中文权威指南》(上)-向译者彭勇华致敬!!!
- sql处理字符串:截取子串等 substr,charindex
- 有初始值的 form 表单元素重置(reset)解决方案
- CONVERT
- 从iostream与iostream.h区别谈C++标准库
- ASP.NET3.5 ListView控件学习系列
- hello world