ASP.NET | ASP.NET Controls | GoodToKnow | IIS | Jquery | Web Dev (.NET, HTML, etc)

Uploadify (Session and authentication) with ASP.NET

Challenge:

Sorry, comrades for not sharing anything with you since so long. But was bit occupied with other stuff, and as told you earlier that currently my main focus is on my Sitecore blog and yes, with your good wishes and god’s grace — got awarded as Sitecore MVP for the year of 2013! – Thank you!
Before couple of months back, we were trying to incorporate Uploadify [http://www.uploadify.com/documentation/] in to our solution. And while working on that we came across with Flash session bug, due to use Session, authentication and authorization — it means if your user is logged in and if your file upload operation wants that only logged in users can upload file then it won’t work with Uploadify by default. Don’t worry, we have a way to get out of it!

Solution:

I asked solution of this challenge to our common friend — Google, and found really interesting links:
http://joncahill.zero41.com/2009/11/problems-with-uploadify-aspnet-mvc-and.html

“Basically the issue is with flash where it will ignore the browser’s session state and grab the cookies from IE, which is a known and active bug. This means that both Chrome and Firefox won’t work with Uploadify and authorisation because flash will send no cookies! It also means it is entirely possible for it to have previously work for me while testing because I probably also had a IE window open and logged in while testing, which would have given me a valid cookie.”

http://trycatchfail.com/blog/post/2009/05/23/using-flash-with-aspnet-mvc-and-authentication.aspx

There is a well-known bug in Flash that causes it to completely ignore the browser’s session state when it makes a request.  Instead, it either pulls cookies from Internet Explorer or just starts a new session with no cookies.  GOOD CALL, ADOBE.  And when I say this bug is well-known, I mean it was reported in Flash 8.  It’s still sitting in the Adobe bug tracker.  It has been triaged, it seems to have high priority, yet it remains unfixed.  Again, GREAT job, Adobe.

http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx
http://stackoverflow.com/questions/1729179/uploadify-session-and-authentication-with-asp-net-mvc
Big thanks to all these article writers. Because it only helped us to find a solution. Using this solutions we were able to make session working. But authentication and membership information was not working . But we modified a bit in Global.asax and it started working. So, let me share a final solution with you:
1.  Pass session related information from your upload page in your upload call:
Just a note : This javascript code also covers other challenges as well (Which are not in scope of this article. But you may find it helpful!) e.g. passing dynamic data via onUploadStart, sending formdata via settings, showing uploadresult etc. The main variables which does the trick are — RequireUploadifySessionSync,SecurityToken,SessionId
[sourcecode language=”html”]
<script type="text/javascript">
var UploadifyAuthCookie = ‘<% = Request.Cookies[FormsAuthentication.FormsCookieName] == null ? string.Empty : Request.Cookies[FormsAuthentication.FormsCookieName].Value %>’;
var UploadifySessionId = ‘<%= Session.SessionID %>’;
$("#file_upload").uploadify({
‘buttonImage’: ‘/MultipleUploads/_scripts/browse-btn.jpg’,
‘scriptData’: { RequireUploadifySessionSync: true, SecurityToken: UploadifyAuthCookie, SessionId: UploadifySessionId },
‘formData’: { ‘KeyA’: ‘AValue’, ‘KeyB’: 1, RequireUploadifySessionSync: true, SecurityToken: UploadifyAuthCookie, SessionId: UploadifySessionId, UserName: UploadifyUserName }, // If some static data
‘auto’: false,
‘multi’: ‘true’,
‘swf’: ‘_scripts/uploadify.swf’,
‘uploader’: ‘<%= ResolveUrl("FileUploads.aspx") %>’,
‘onUploadStart’: function (file) {
// for all dynamic data
var objCheckUnPack = document.getElementById("chkUnpack");
var objCheckOverwrite = document.getElementById("chkOverwrite");
//                    alert(objCheckUnPack.checked);
//                    alert(objCheckOverwrite.checked);
$("#file_upload").uploadify("settings", "formData", { ‘IsUnPack’: objCheckUnPack.checked, ‘IsOverwrite’: objCheckOverwrite.checked });
//http://stackoverflow.com/questions/10781368/uploadify-dynamic-formdata-does-not-change
},
‘onQueueComplete’: function (queueData) {
alert(queueData.uploadsSuccessful + ‘ files were successfully uploaded. And there were few errors during upload for this number of files : ‘ + queueData.uploadsErrored);
window.open(‘<%= ResolveUrl("FileUploadResultPage.aspx") %>’, ‘Test’, ‘width=300,height=300’);
}
});
});
[/sourcecode]
2. Now, in Global.asax we have to handle this variables:
[sourcecode language=”csharp”]
protected void Application_BeginRequest(Object sender, EventArgs e)
{
// This check will ensure that we need to sync session only during uploadify upload!
if (HttpContext.Current.Request["RequireUploadifySessionSync"] != null)
UploadifySessionSync();
}
/// <summary>
/// Uploadify uses a Flash object to upload files. This method retrieves and hydrates Auth and Session objects when the Uploadify Flash is calling.
/// </summary>
/// <remarks>
///     Kudos: http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx
///     More kudos: http://stackoverflow.com/questions/1729179/uploadify-session-and-authentication-with-asp-net-mvc
/// </remarks>
protected void UploadifySessionSync()
{
try
{
string session_param_name = "SessionId";
string session_cookie_name = "ASP.NET_SessionId";
if (HttpContext.Current.Request[session_param_name] != null)
UploadifyUpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]);
}
catch { }
try
{
string auth_param_name = "SecurityToken";
string auth_cookie_name = FormsAuthentication.FormsCookieName;
if (HttpContext.Current.Request[auth_param_name] != null)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(HttpContext.Current.Request.Form[auth_param_name]);
if (ticket != null)
{
FormsIdentity identity = new FormsIdentity(ticket);
// This helped us to restore user details
string[] roles = System.Web.Security.Roles.GetRolesForUser(identity.Name);
System.Security.Principal.GenericPrincipal principal = new System.Security.Principal.GenericPrincipal(identity, roles);
HttpContext.Current.User = principal;
}
UploadifyUpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]);
}
}
catch { }
}
private void UploadifyUpdateCookie(string cookie_name, string cookie_value)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
if (cookie == null)
cookie = new HttpCookie(cookie_name);
cookie.Value = cookie_value;
HttpContext.Current.Request.Cookies.Set(cookie);
}
[/sourcecode]
Happy Uploading via Uploadify! 🙂

2
.NET | ASP.NET | IIS | Web Dev (.NET, HTML, etc)

Export to Excel/CSV doesnt work on IE under SSL (https)

Challenge:

We’ve one functionality where user can save CSV/Excel file. Which was working fine in all browsers when we check it via HTTP. But it doesn’t work under IE when we do it via HTTPS.

Solution:

Cause:
1. If your page is passing caching header – Response.AddHeader(“Cache-Control”, “no-cache”);
2. And having export to CSV/Excel — Via Response.Write code.
Then it will not work in IE6/7/8 — This KB article says that this issue is fixed in IE9 — http://support.microsoft.com/kb/323308
OR remove no-cache control header from your page. But it is also required to have it as you might not want to save sensitive pages on client side. And if you remove no-cache header then it will save sensitive pages on client side. Isn’t it a real fix? Don’t worry we have a solution for you!
We googled it and found following link:
http://aspnettechstuffs.blogspot.in/2010/05/export-to-excel-does-not-work-in-ssl.html
Which worked for us in IIS 6.0 But not in IIS 7.5. Also, we wanted to avoid IIS specific changes and wanted to fix it from code. So, it doesn’t affect full functionality and only affects related modules.
We added following line in top of our export to CSV/excel method:
Response.ClearHeaders();
// Following by Export to Excel and Response attribute’s logic
And it did a trick!
Happy Coding! 🙂

Good to read:

http://stackoverflow.com/questions/4672073/export-to-excel-doesnt-work-on-ie-under-ssl-https

ASP.NET | IIS | Web Dev (.NET, HTML, etc)

Debug Your ASP.NET Application that Hosted on IIS

Challenge:

One of my friend asked me that how we can debug Website which is hosted on IIS? The answer was quite simple and I am using it since so long. But I thought I should document it and that’s why putting the information on this blog. So when you guys need to do this, you can do it!

Solution:

First I thought to write my own article. But suddenly thought some one might have already written on this, and I found following nice article:
http://www.codeproject.com/KB/aspnet/ProcessAttache.aspx#9
Article is so nice — Good Job Blog Author!
Just two things I would like to add to it which is as below:

  1. Shortcut for Attach to process menu is CTRL + ALT + P.
  2. If you are using windows XP then you will not find “w3wp.exe“. You will find “aspnet_wp.exe

If you found this post helpful say thanks to CodeProject article author.
Happy Debugging! 🙂