• dotnet中的swfupload(或其它socket)传输中的session和cookie问题解决


    < DOCTYPE html PUBLIC -WCDTD XHTML StrictEN httpwwwworgTRxhtmlDTDxhtml-strictdtd>

            swfupload是flash采用socket和服务端进行通信了,所以服务端的session值或cookie值在这时候是捕获不到了。在默认的情况下ie是不存在获取不到seesion或cookie值的,然而对于firefox或chrome在dotnet环境下都是不能获取session和cookie值的。
           通过 Global.asax 文件你可以覆盖丢失的Session ID cookie,代码如下(引用官方解决方案):


    void Application_BeginRequest(object sender, EventArgs e)
    {

    try
    {
    string session_param_name = "ASPSESSID";
    string session_cookie_name = "ASP.NET_SESSIONID";

    if (HttpContext.Current.Request.Form[session_param_name] != null)
    {
    UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]);
    }
    else if (HttpContext.Current.Request.QueryString[session_param_name] != null)
    {
    UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]);
    }
    }
    catch (Exception)
    {
    }

    try
    {
    string auth_param_name = "AUTHID";
    string auth_cookie_name = FormsAuthentication.FormsCookieName;

    if (HttpContext.Current.Request.Form[auth_param_name] != null)
    {
    UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]);
    }
    else if (HttpContext.Current.Request.QueryString[auth_param_name] != null)
    {
    UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]);
    }

    }
    catch (Exception)
    {
    }
    }
    void UpdateCookie(string cookie_name, string cookie_value)
    {
    HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
    if (cookie == null)
    {
    HttpCookie cookie1 = new HttpCookie(cookie_name, cookie_value);
    Response.Cookies.Add(cookie1);
    }
    else
    {
    cookie.Value = cookie_value;
    HttpContext.Current.Request.Cookies.Set(cookie);
    }
    }

    Explaination: This code checks your POST (form) and GET (querystring) for a Session ID. If it finds one then it overrides the session cookie with the value from your POST/GET. Then later when the session is restored the overridden session is what you get (instead of IE's session or a brand new session which was what the bug was causing to happen).

    The same sort of thing is done for the Forms Auth cookie, but I didn't actually go back and look at Forms Auth to see how it works to make sure this would work. And I didn't set the Forms Auth bit so it might not even work.

    You just need to include a post_param in your SWFUpload page that passes in the session id. Something like:

    var swfu = new SWFUpload({

    post_params : {

    "ASPSESSID" : "<%=Session.SessionID %>"
    }

    });

    Note: The overriding of the Forms Authentication cookie has not been tested but I think it should still work. Someone will have to let me know.

    P.S. & Security Warning: Don't just copy and paste this code in to your ASP.Net application without knowing what you are doing. It introduces security issues and possibilities of Cross-site Scripting.

    出自:http://www.swfupload.org/forum/generaldiscussion/98

  • 相关阅读:
    作业5,6 2019/10/23
    作业1、2、3、4 2019/10/23
    实现Map传参Mybatis
    maven工程配置pom.xml实现mybatis的访问数据库操作
    测试
    Postman篇之命令行测试
    unittest框架
    测试
    测试
    测试
  • 原文地址:https://www.cnblogs.com/netcorner/p/2912033.html
Copyright © 2020-2023  润新知