1

I encountered a weird error, I lose sessions when moving between pages.

I just figured out why it heppends, but can figure out how to fix it.

I lose Sessions because i use Flash (swf) menu to navigate between pages.

So when i navigate to a page using the Flash menu, I lose the session.

Any way to fix it?

-----------------------EDIT----------------------

It doesn't let me answer my own question so here is the answer:

Thx for answering, but the problam wasn't the flash..

I just found out that the session was opened on http://WebSite.com/ And the flash was redirecting to http://www.WebSite.com/

So the session losts between domains, and not between pages because of flash :) I just made all my site use the www domain .

Thanks, Dan

Danpe
  • 18,668
  • 21
  • 96
  • 131
  • (Displaying my completely unwarranted bias against Flash) Don't use Flash. Use ANYTHING else. I know that could be considered trolling, but my last two virus infections came from infected Flash files exploiting Flash vulnerabilities, so I hate seeing "Flash Required" on any web site because I know it makes me more vulnerable. – David Apr 20 '11 at 17:58
  • Thx for answering, but the problam wasn't the flash.. I just found out that the session was opened on http://WebSite.com/ And the flash was redirecting to http://www.WebSite.com/ So the session losts between domains, and not between pages because of flash :) I just made all my site use the www domain . Thanks, Dan – Danpe Apr 20 '11 at 18:08
  • you could set the domain of your cookie to just "website.com" and it will then be available to any subdomain – Morgan T. Apr 20 '11 at 18:10
  • http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.cookiedomain.aspx – Morgan T. Apr 25 '11 at 20:39

3 Answers3

1

The reason this is occurring is because flash is not sending the ASP.NET cookie along with the request so ASP.NET has no clue who you are when the request is being made by flash.

I think the browser considers the flash plugin as a seperate instance so it has it's own session.

Here is some background:

http://swfupload.org/forum/generaldiscussion/98

EDIT: Found this SO question that might be of help as well:

Session is different if flash uploads photo to the aspx page

Community
  • 1
  • 1
Kelsey
  • 47,246
  • 16
  • 124
  • 162
1

Thx for answering, but the problam wasn't the flash..

I just found out that the session was opened on http://WebSite.com/ And the flash was redirecting to http://www.WebSite.com/

So the session losts between domains, and not between pages because of flash :) I just made all my site use the www domain .

Thanks, Dan

Danpe
  • 18,668
  • 21
  • 96
  • 131
0

Try using fiddler2 to check html header and see if the auth token is still the same when you navigate to a new page using the flash menu.

http://www.fiddler2.com/fiddler2/

Will
  • 1