dotnet의 swfupload(또는 기타 socket) 전송 중의session과 쿠키 문제 해결

< DOCTYPE html PUBLIC -WCDTD XHTML StrictEN httpwwwworgTRxhtmlDTDxhtml-strictdtd>
swfupload는 flash가 socket을 사용하여 서버와 통신을 하기 때문에 서버의session값이나 쿠키값은 이때 포획할 수 없습니다.기본적으로 i는 seesion이나 쿠키 값을 얻지 못하는 것이 존재하지 않지만, Firefox나 크롬은dotnet 환경에서session과 쿠키 값을 얻지 못합니다.글로벌을 통해서.asax 파일은 다음과 같이 누락된 Session ID cookie를 덮어쓸 수 있습니다(공식 솔루션 참조).
void Application_BeginRequest(object sender, EventArgs e) {
try { string session_param_name = "ASPSESSID"; string session_cookie_name = "ASP.NET_SESSIONID";
if (HttpContext.Current.Request.Form[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]); } else if (HttpContext.Current.Request.QueryString[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]); } } catch (Exception) { }
try { string auth_param_name = "AUTHID"; string auth_cookie_name = FormsAuthentication.FormsCookieName;
if (HttpContext.Current.Request.Form[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]); } else if (HttpContext.Current.Request.QueryString[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]); }
} catch (Exception) { } } void UpdateCookie(string cookie_name, string cookie_value) { HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name); if (cookie == null) { HttpCookie cookie1 = new HttpCookie(cookie_name, cookie_value); Response.Cookies.Add(cookie1); } else { cookie.Value = cookie_value; HttpContext.Current.Request.Cookies.Set(cookie); } }
Explaination: This code checks your POST (form) and GET (querystring) for a Session ID. If it finds one then it overrides the session cookie with the value from your POST/GET. Then later when the session is restored the overridden session is what you get (instead of IE's session or a brand new session which was what the bug was causing to happen).
The same sort of thing is done for the Forms Auth cookie, but I didn't actually go back and look at Forms Auth to see how it works to make sure this would work. And I didn't set the Forms Auth bit so it might not even work.
You just need to include a post_param in your SWFUpload page that passes in the session id. Something like:
var swfu = new SWFUpload({

post_params : {

"ASPSESSID" : "<%=Session.SessionID %>"
}

});

Note: The overriding of the Forms Authentication cookie has not been tested but I think it should still work. Someone will have to let me know.
P.S. & Security Warning: Don't just copy and paste this code in to your ASP.Net application without knowing what you are doing. It introduces security issues and possibilities of Cross-site Scripting.
출처: http://www.swfupload.org/forum/generaldiscussion/98
#javascript/ajax란