Flex 3 - 如何支持 HTTP Authentication URLRequest? [英] Flex 3 - how to support HTTP Authentication URLRequest?
问题描述
我有一个 Flex 文件上传脚本,它使用 URLRequest 将文件上传到服务器.我想添加对 http 身份验证(服务器上受密码保护的目录)的支持,但我不知道如何实现这一点 - 我假设我需要以某种方式扩展类,但是我有点迷失了.
I have a Flex file upload script that uses URLRequest to upload files to a server. I want to add support for http authentication (password protected directories on the server), but I don't know how to implement this - I assume I need to extend the class somehow, but on how to I'm a little lost.
我尝试修改以下内容(将 HTTPService 替换为 URLRequest),但没有成功.
I tried to modify the following (replacing HTTPService with URLRequest), but that didn't work.
private function authAndSend(service:HTTPService):void{
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("someusername:somepassword");
service.headers = {Authorization:"Basic " + encoder.toString()};
service.send();
}
我应该指出,我对 ActionScript/Flex 并不了解,尽管我已经成功地修改了上传脚本.
I should point out that I'm not knowledgeable when it comes to ActionScript / Flex, although I have managed to successfully modify the upload script somewhat.
- 这是我的进度更新,基于下面的答案,虽然我仍然无法让它工作:
- here is an update of my progress, based on the answer below, although I still cannot get this to work:
感谢您的帮助.我已尝试实现您的代码,但没有任何运气.
Thank you for your assistance. I've tried to implement your code but I've not had any luck.
我在处理 HTTP 身份验证位置时遇到的一般行为是,IE7 一切正常,但在 Firefox 中,当我尝试将文件上传到服务器时,它会显示 HTTP 身份验证提示 - 即使给出了正确的详细信息,只是停止上传过程.
The general behaviour I'm experiencing when dealing with HTTP authenticated locations is that with IE7 all is well but in Firefox when I attempt to upload a file to the server it displays an HTTP authentication prompt - which even if given the correct details, simply stalls the upload process.
我认为 IE7 正常的原因是浏览器和 Flash 组件共享的会话/身份验证信息 - 但是,在 Firefox 中情况并非如此,我遇到了上述行为.
I believe the reason IE7 is ok is down to the the session / authentication information being shared by the browser and the Flash component - however, in Firefox this is not the case and I experience the above behaviour.
这是我更新的上传功能,包含您的更改:
Here is my updated upload function, incorporating your changes:
private function pergress():void
{
if (fileCollection.length == 0)
{
var urlString:String = "upload_process.php?folder="+folderId+"&type="+uploadType+"&feid="+formElementId+"&filetotal="+fileTotal;
if (ExternalInterface.available)
{
ExternalInterface.call("uploadComplete", urlString);
}
}
if (fileCollection.length > 0)
{
fileTotal++;
var urlRequest:URLRequest = new URLRequest("upload_file.php?folder="+folderId+"&type="+uploadType+"&feid="+formElementId+"&obfuscate="+obfuscateHash+"&sessidpass="+sessionPass);
urlRequest.method = URLRequestMethod.POST;
urlRequest.data = new URLVariables("name=Bryn+Jones");
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("testuser:testpass");
var credsHeader:URLRequestHeader = new URLRequestHeader("Authorization", "Basic " + encoder.toString());
urlRequest.requestHeaders.push(credsHeader);
file = FileReference(fileCollection.getItemAt(0));
file.addEventListener(Event.COMPLETE, completeHandler);
file.addEventListener(HTTPStatusEvent.HTTP_STATUS, onHTTPStatus);
file.addEventListener(ProgressEvent.PROGRESS, onUploadProgress);
file.upload(urlRequest);
}
}
如上所述,无论是否修改我的功能,我似乎都遇到了相同的结果.
As stated above, I seem to be experiencing the same results with or without the amendments to my function.
我也可以问一下 crossdomain.xml 应该放在哪里 - 因为我目前没有,也不确定放在哪里.
Can I ask also where the crossdomain.xml should be located - as I do not currently have one and am unsure where to place it.
推荐答案
URLRequest的语法有点不同,但思路是一样的:
The syntax is a little different for URLRequest, but the idea's the same:
private function doWork():void
{
var req:URLRequest = new URLRequest("http://yoursite.com/yourservice.ext");
req.method = URLRequestMethod.POST;
req.data = new URLVariables("name=John+Doe");
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("yourusername:yourpassword");
var credsHeader:URLRequestHeader = new URLRequestHeader("Authorization", "Basic " + encoder.toString());
req.requestHeaders.push(credsHeader);
var loader:URLLoader = new URLLoader();
loader.load(req);
}
有几点要记住:
我可以说,出于某种原因,这仅适用于请求方法为 POST 的情况;没有使用 GET 请求设置标头.
Best I can tell, for some reason, this only works where request method is POST; the headers don't get set with GET requests.
有趣的是,除非至少有一个 URLVariables 名称-值对与请求一起打包,否则它也会失败,如上所述.这就是为什么您看到的许多示例(包括我的示例)都附加了name=John+Doe"——它只是 URLRequest 在设置任何自定义 HTTP 标头时似乎需要的一些数据的占位符.没有它,即使是经过正确身份验证的 POST 请求也会失败.
Interestingly, it also fails unless at least one URLVariables name-value pair gets packaged with the request, as indicated above. That's why many of the examples you see out there (including mine) attach "name=John+Doe" -- it's just a placeholder for some data that URLRequest seems to require when setting any custom HTTP headers. Without it, even a properly authenticated POST request will also fail.
显然,Flash 播放器版本 9.0.115.0 完全阻止了所有 Authorization 标头(有关此的更多信息 这里),所以您可能也要记住这一点.
Apparently, Flash player version 9.0.115.0 completely blocks all Authorization headers (more information on this one here), so you'll probably want to keep that in mind, too.
您几乎肯定必须修改您的 crossdomain.xml 文件以适应您要发送的标头.就我而言,我正在使用它,这是一个相当广泛的策略文件,因为它可以从任何域接受,所以在你的情况下,你可能想要更多地限制一些事情,这取决于你的安全意识有多强.
You'll almost surely have to modify your crossdomain.xml file to accommodate the header(s) you're going to be sending. In my case, I'm using this, which is a rather wide-open policy file in that it accepts from any domain, so in your case, you might want to limit things a bit more, depending on how security-conscious you are.
crossdomain.xml:
crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="Authorization" />
</cross-domain-policy>
... 这似乎有效;Adobe 此处提供了有关此信息的更多信息.
... and that seems to work; more information on this one is available from Adobe here).
上面的代码是用 Flash player 10(带有调试和发布 SWF)测试的,所以它应该适合你,但我想更新我的原始帖子以包含所有这些额外的信息,以防你遇到任何问题,因为您似乎(可悲地)很有可能会这样做.
The code above was tested with Flash player 10 (with debug & release SWFs), so it should work for you, but I wanted to update my original post to include all this extra info in case you run into any issues, as the chances seem (sadly) likely that you will.
希望对您有所帮助!祝你好运.我会留意评论.
Hope it helps! Good luck. I'll keep an eye out for comments.
这篇关于Flex 3 - 如何支持 HTTP Authentication URLRequest?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
