关于Swf文件发出的请求能否得到referer和cookie的测试

最近由于项目需要,在没有完全开放crossdomain.xml的前提下需要知道从Swf文件发出的请求在能否被服务器得到与该请求相关http header 头里面的referer和cookie。

测试工具:Fiddler,Firebug,Arthropod.

测试方法:让swf以以下的几种方式向服务器发送请求,用fiddler或者firebug监听该请求的http header信息。

测试环境:
系统:window 7;
浏览器:IE8, Firefox 3.6.12,Chrome 7.0.517.41, Safari 5.0.2,Opera 10.63;
Flash Player : 10.1.85.3 ; 9.0.280.0;

请求一个地址;请求方式:GET;
两种版本的Player结果一样:


 IE8 Firefox chrome safari opera
Referer Yes No Yes No Yes
cookie Yes Yes Yes Yes Yes

请求一个地址;请求方式:POST;
两种版本Player的结果一样:


 IE8 Firefox chrome safari opera
Referer Yes Yes Yes Yes Yes
cookie Yes Yes Yes Yes Yes

利用ByteArray方式上传图片;请求方式:POST;
请求头信息:(“Content-type”, “application/octet-stream”);
两种版本的Player结果一样:


 IE8 Firefox chrome safari opera
Referer Yes Yes Yes Yes Yes
cookie Yes Yes Yes No Yes

利用FileReference 上传图片;请求方式:POST;
两种版本的Player结果一样:


 IE8 Firefox chrome safari opera
Referer No No No No No
cookie Yes No No No No

以上的非IE浏览器,在用FileReference上传图片时,如果ie里面有cookie,则它们会得到ie里面的cookie!

 

 

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
package
{
    import flash.display.Sprite;
    import flash.events.Event;
    import flash.events.MouseEvent;
    import flash.events.DataEvent;
     
    import flash.net.URLLoader;
    import flash.net.URLRequestMethod;
    import flash.net.URLRequestHeader;
    import flash.net.URLRequest;
    import flash.net.URLVariables;
    import flash.net.FileReference;
    import flash.net.FileFilter;
     
    import flash.display.Loader;
    import flash.display.LoaderInfo;
    import flash.display.Bitmap;
    import flash.display.BitmapData;
     
    import flash.system.LoaderContext;
    import flash.utils.ByteArray;
     
    import com.carlcalderon.arthropod.Debug;
    import com.adobe.images.JPGEncoder;
    import SimpleBtn;
     
    /**
     * ...
     * @author Rialover<br>    */
    public class Main extends Sprite
    {
        private var _url:String = "http://www.test.com/request_test/request.php";
        private var _picURL:String = "blog.jpg";
        private var _uploadURL:String = "http://www.upload.com/upload2.php";
        private var _req:URLRequest;
        private var _loader:URLLoader;
        private var _bmd:BitmapData;
        private var _btn:SimpleBtn;
        private var _fileRef:FileReference;
        private var _imgFilter:FileFilter;
         
        public function Main():void
        {
            if (stage) init();
            else addEventListener(Event.ADDED_TO_STAGE, init);
        }
         
        private function init(e:Event = null):void
        {
            removeEventListener(Event.ADDED_TO_STAGE, init);
             
            _req = new URLRequest(_url);
            //_req.method = URLRequestMethod.POST;
            var val:URLVariables = new URLVariables();
            val["name"] = "seamoon";
            val["age"] = 26;
            _req.data = val;
             
            _loader = new URLLoader();
            _loader.addEventListener(Event.COMPLETE, dataOK);
            _loader.load(_req);
             
            _btn = new SimpleBtn(" 浏 览 ");
            _btn.x = _btn.y = 30;
            _btn.addEventListener(MouseEvent.CLICK, selectLocalPic);
            addChild(_btn);
             
            _fileRef = new FileReference();
            _imgFilter = new FileFilter("Image Files (*.jpg, *.gif, *.jpeg, .*.png)", "*.jpg; *.gif; *.jpeg; *.png");
        }
         
        private function dataOK(evt:Event):void
        {
            var str:String = _loader.data as String;
            Debug.log("text request Hander",0xFF3300);
            Debug.log(str,0xFFFFFF);
            //loaderPic(_picURL);
        }
         
        /**
         * 加载初始头像
         * @param   url
         */
        public function loaderPic(url:String):void
        {
            var picReq:URLRequest = new URLRequest(url);
            var picLoader:Loader = new Loader();
            var lc:LoaderContext = new LoaderContext(true);
            picLoader.contentLoaderInfo.addEventListener(Event.COMPLETE, initPicHandler);
            picLoader.load(picReq,lc);
        }
         
        /**
         * 初始头像加载完成
         * @param   evt
         */
        private function initPicHandler(evt:Event):void
        {
            var tgt:LoaderInfo = evt.target as LoaderInfo;
            tgt.removeEventListener(Event.COMPLETE, initPicHandler);
             
            var loader:Loader = new Loader();
            loader.contentLoaderInfo.addEventListener(Event.COMPLETE, initBMD);
            loader.loadBytes(tgt.bytes);
        }
         
        /**
         * 得到初始头像的 BitmapData
         * @param   evt
         */
        private function initBMD(evt:Event):void
        {
            var tgt:LoaderInfo = evt.target as LoaderInfo;
            tgt.removeEventListener(Event.COMPLETE, initBMD);
            var loader:Loader = tgt.loader as Loader;
            var bmd:BitmapData = new BitmapData(loader.width, loader.height);
            bmd.draw(loader);
            _bmd = bmd;
            loader.unload();
             
            uploadPic();
        }
         
        private function uploadPic():void
        {
            var jpgEncoder:JPGEncoder = new JPGEncoder(100);
            var avatarBta:ByteArray = jpgEncoder.encode(_bmd);
             
            var header:URLRequestHeader = new URLRequestHeader("Content-type", "application/octet-stream");
            var jpgUploadRequest:URLRequest = new URLRequest(_uploadURL + "?name=" + new Date().getTime() + ".jpg");
             
            jpgUploadRequest.requestHeaders.push(header);
            jpgUploadRequest.method = URLRequestMethod.POST;
            jpgUploadRequest.data = avatarBta;
             
            var loader:URLLoader = new URLLoader();
            loader.addEventListener(Event.COMPLETE, uploadComplete);
            loader.load(jpgUploadRequest);
        }
         
        private function uploadComplete(evt:Event):void
        {
            Debug.log("upload jpg Hander",0xFF3300);
            var loader:URLLoader = evt.target as URLLoader;
            Debug.log(loader.data,0xFFFFFF);
        }
         
         
        private function selectLocalPic(evt:MouseEvent):void
        {
            _fileRef.browse([_imgFilter]);
            _fileRef.addEventListener(Event.SELECT, onFileSelected);
        }
         
        /**
         * 根据FP的版本,选择如何处理本机图片
         * @param   evt
         */
        private function onFileSelected(evt:Event):void
        {
            _fileRef.removeEventListener(Event.SELECT, onFileSelected);
            uploadFile();
        }
         
        private function uploadFile():void
        {
            var urlrequest:URLRequest = new URLRequest("http://www.upload.com/upload/uploadPic.php");
            _fileRef.addEventListener(DataEvent.UPLOAD_COMPLETE_DATA, startPhotoCut);
            _fileRef.upload(urlrequest);
        }
         
        private function startPhotoCut(evt:DataEvent):void
        {
            Debug.log(evt.toString());
        }
         
         
    }
     
}

posted on   ASV5  阅读(1242)  评论(1编辑  收藏  举报

编辑推荐:
· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
阅读排行:
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 地球OL攻略 —— 某应届生求职总结
· 提示词工程——AI应用必不可少的技术
· Open-Sora 2.0 重磅开源!
· 周边上新:园子的第一款马克杯温暖上架
< 2010年10月 >
26 27 28 29 30 1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31 1 2 3 4 5 6

统计

点击右上角即可分享
微信分享提示