Flex 3 - 如何支持 HTTP 身份验证 URLRequest? [英] Flex 3 - how to support HTTP Authentication URLRequest?
问题描述
我有一个 Flex 文件上传脚本,它使用 URLRequest 将文件上传到服务器.我想添加对 http 身份验证(服务器上受密码保护的目录)的支持,但我不知道如何实现这一点 - 我假设我需要以某种方式扩展该类,但是关于如何我有点迷茫.
I have a Flex file upload script that uses URLRequest to upload files to a server. I want to add support for http authentication (password protected directories on the server), but I don't know how to implement this - I assume I need to extend the class somehow, but on how to I'm a little lost.
我尝试修改以下内容(用 URLRequest 替换 HTTPService),但没有奏效.
I tried to modify the following (replacing HTTPService with URLRequest), but that didn't work.
private function authAndSend(service:HTTPService):void{
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("someusername:somepassword");
service.headers = {Authorization:"Basic " + encoder.toString()};
service.send();
}
我应该指出,我对 ActionScript/Flex 并不了解,尽管我设法成功地稍微修改了上传脚本.
I should point out that I'm not knowledgeable when it comes to ActionScript / Flex, although I have managed to successfully modify the upload script somewhat.
- 这是我的进度更新,基于下面的答案,虽然我仍然无法让它工作:
- here is an update of my progress, based on the answer below, although I still cannot get this to work:
感谢您的帮助.我已经尝试实现您的代码,但我没有任何运气.
Thank you for your assistance. I've tried to implement your code but I've not had any luck.
我在处理 HTTP 身份验证位置时遇到的一般行为是,IE7 一切正常,但在 Firefox 中,当我尝试将文件上传到服务器时,它会显示 HTTP 身份验证提示 - 即使给出了正确的详细信息, 只是暂停上传过程.
The general behaviour I'm experiencing when dealing with HTTP authenticated locations is that with IE7 all is well but in Firefox when I attempt to upload a file to the server it displays an HTTP authentication prompt - which even if given the correct details, simply stalls the upload process.
我认为 IE7 正常的原因在于浏览器和 Flash 组件共享的会话/身份验证信息 - 但是,在 Firefox 中情况并非如此,我遇到了上述行为.
I believe the reason IE7 is ok is down to the the session / authentication information being shared by the browser and the Flash component - however, in Firefox this is not the case and I experience the above behaviour.
这是我更新的上传功能,包含您的更改:
Here is my updated upload function, incorporating your changes:
private function pergress():void
{
if (fileCollection.length == 0)
{
var urlString:String = "upload_process.php?folder="+folderId+"&type="+uploadType+"&feid="+formElementId+"&filetotal="+fileTotal;
if (ExternalInterface.available)
{
ExternalInterface.call("uploadComplete", urlString);
}
}
if (fileCollection.length > 0)
{
fileTotal++;
var urlRequest:URLRequest = new URLRequest("upload_file.php?folder="+folderId+"&type="+uploadType+"&feid="+formElementId+"&obfuscate="+obfuscateHash+"&sessidpass="+sessionPass);
urlRequest.method = URLRequestMethod.POST;
urlRequest.data = new URLVariables("name=Bryn+Jones");
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("testuser:testpass");
var credsHeader:URLRequestHeader = new URLRequestHeader("Authorization", "Basic " + encoder.toString());
urlRequest.requestHeaders.push(credsHeader);
file = FileReference(fileCollection.getItemAt(0));
file.addEventListener(Event.COMPLETE, completeHandler);
file.addEventListener(HTTPStatusEvent.HTTP_STATUS, onHTTPStatus);
file.addEventListener(ProgressEvent.PROGRESS, onUploadProgress);
file.upload(urlRequest);
}
}
如上所述,无论是否修改我的函数,我似乎都遇到了相同的结果.
As stated above, I seem to be experiencing the same results with or without the amendments to my function.
我还能问一下 crossdomain.xml 应该放在哪里吗 - 因为我目前没有并且不确定应该放在哪里.
Can I ask also where the crossdomain.xml should be located - as I do not currently have one and am unsure where to place it.
推荐答案
URLRequest 的语法有点不同,但思路是一样的:
The syntax is a little different for URLRequest, but the idea's the same:
private function doWork():void
{
var req:URLRequest = new URLRequest("http://yoursite.com/yourservice.ext");
req.method = URLRequestMethod.POST;
req.data = new URLVariables("name=John+Doe");
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("yourusername:yourpassword");
var credsHeader:URLRequestHeader = new URLRequestHeader("Authorization", "Basic " + encoder.toString());
req.requestHeaders.push(credsHeader);
var loader:URLLoader = new URLLoader();
loader.load(req);
}
需要记住的几点:
我只能说,出于某种原因,这只适用于请求方法为 POST 的情况;没有使用 GET 请求设置标头.
Best I can tell, for some reason, this only works where request method is POST; the headers don't get set with GET requests.
有趣的是,除非至少有一个 URLVariables 名称-值对与请求打包在一起,否则它也会失败,如上所述.这就是为什么您在那里看到的许多示例(包括我的)附加name=John+Doe"——它只是 URLRequest 在设置任何自定义 HTTP 标头时似乎需要的某些数据的占位符.没有它,即使是经过适当身份验证的 POST 请求也会失败.
Interestingly, it also fails unless at least one URLVariables name-value pair gets packaged with the request, as indicated above. That's why many of the examples you see out there (including mine) attach "name=John+Doe" -- it's just a placeholder for some data that URLRequest seems to require when setting any custom HTTP headers. Without it, even a properly authenticated POST request will also fail.
显然,Flash 播放器版本 9.0.115.0 完全阻止了所有授权标头(有关此标头的更多信息 此处),因此您可能也需要牢记这一点.
Apparently, Flash player version 9.0.115.0 completely blocks all Authorization headers (more information on this one here), so you'll probably want to keep that in mind, too.
您几乎肯定必须修改 crossdomain.xml 文件以适应您要发送的标头.就我而言,我正在使用它,这是一个相当开放的策略文件,因为它可以从任何域接受,因此在您的情况下,您可能希望限制更多,具体取决于您的安全意识.
You'll almost surely have to modify your crossdomain.xml file to accommodate the header(s) you're going to be sending. In my case, I'm using this, which is a rather wide-open policy file in that it accepts from any domain, so in your case, you might want to limit things a bit more, depending on how security-conscious you are.
crossdomain.xml:
crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="Authorization" />
</cross-domain-policy>
...这似乎有效;可从 Adobe 此处获得更多信息.
... and that seems to work; more information on this one is available from Adobe here).
上面的代码已经用 Flash player 10(带有调试和发布 SWF)进行了测试,所以它应该适合你,但我想更新我的原始帖子以包含所有这些额外信息,以防你遇到任何问题,因为您(遗憾地)很有可能会这样做.
The code above was tested with Flash player 10 (with debug & release SWFs), so it should work for you, but I wanted to update my original post to include all this extra info in case you run into any issues, as the chances seem (sadly) likely that you will.
希望有帮助!祝你好运.我会留意评论.
Hope it helps! Good luck. I'll keep an eye out for comments.
这篇关于Flex 3 - 如何支持 HTTP 身份验证 URLRequest?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
