我在我创建的网站中使用了 Flash 上传器。我需要将大文件上传到服务器。问题是这个上传器使用闪存。当它提交数据时,cookie 不会发送回服务器,因此我无法验证用户,这将失败。无论如何强制将cookies发送回服务器?如果这不可能,是否有其他方法可以使用其他发送回 cookie 的组件上传数据。
问问题
373 次
1 回答
0
有几个网站讨论了这个问题。解决方案是,使用 flash 中的另一个 post 变量手动将授权信息传递回 MVC。我发现的一个实现是TokenizedAuthorizeAttribute.
/// <summary>
/// A custom version of the <see cref="AuthorizeAttribute"/> that supports working
/// around a cookie/session bug in Flash.
/// </summary>
/// <remarks>
/// Details of the bug and workaround can be found on this blog:
/// http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx
/// </remarks>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class TokenizedAuthorizeAttribute : AuthorizeAttribute
{
/// <summary>
/// The key to the authentication token that should be submitted somewhere in the request.
/// </summary>
private const string TOKEN_KEY = "AuthenticationToken";
/// <summary>
/// This changes the behavior of AuthorizeCore so that it will only authorize
/// users if a valid token is submitted with the request.
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
string token = httpContext.Request.Params[TOKEN_KEY];
if (token != null)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(token);
if (ticket != null)
{
FormsIdentity identity = new FormsIdentity(ticket);
string[] roles = System.Web.Security.Roles.GetRolesForUser(identity.Name);
GenericPrincipal principal = new GenericPrincipal(identity, roles);
httpContext.User = principal;
}
}
return base.AuthorizeCore(httpContext);
}
}
按照评论中的链接将进一步帮助您。
于 2011-11-18T11:56:51.163 回答