It may be the Flash cookie bug: Flash always send IE cookies regardless of browser. This is a problem for example when you are using Forms Authentication:
- The user login which create a Session cookie.
- The user access a Flash component (e.g. an upload component) that makes requests to the server and the requests access Session or is affected by Forms Authentication.
Call 2 will fail since there are no session cookie sent to the server since the session cookie is in Firefox's cookies and Flash is sending IE:s cookies. In your case it seems that the user is redirected to a login page (which seems to be /default.aspx).
Solution to this problem is to make the Flash component send cookies as post parameters and then recreate the cookies in a HttpHandler from the post parameters. I can post some sample code if you need it.
This is a common problem with SwfUpload component that I use a lot. I also use it inside umbrao so I also recreate umbraco's login cookies.
Update: here is source code of the HttpModule that I use:
using System;
using System.Collections.Specialized;
using System.Configuration;
using System.Web;
using System.Web.Configuration;
using System.Web.Security;
namespace cimkey.utility
{
public class SwfUploadModule : IHttpModule
{
private NameValueCollection paramNameToCookieName;
private void BuildParamNameToCookieNameList()
{
if (paramNameToCookieName != null)
return;
// ASP.NET session.
const string session_param_name = "ASPSESSID";
SessionStateSection SessionSettings = (SessionStateSection)ConfigurationManager.GetSection("system.web/sessionState");
string session_cookie_name = SessionSettings.CookieName; // "ASP.NET_SESSIONID";
// Forms authentication.
const string auth_param_name = "AUTHID";
string auth_cookie_name = FormsAuthentication.FormsCookieName;
paramNameToCookieName = new NameValueCollection
{
{ session_param_name, session_cookie_name },
{ auth_param_name, auth_cookie_name },
{ "umbracoMemberLogin", "umbracoMemberLogin"},
{ "umbracoMemberId", "umbracoMemberId" },
{ "umbracoMemberGuid", "umbracoMemberGuid" }
};
}
public void Init(HttpApplication context)
{
BuildParamNameToCookieNameList();
context.BeginRequest += context_BeginRequest;
}
public void Dispose()
{
}
void context_BeginRequest(object sender, EventArgs e)
{
/* Fix for the Flash Player Cookie bug in Non-IE browsers.
* Since Flash Player always sends the IE cookies even in FireFox
* we have to bypass the cookies by sending the values as part of the POST or GET
* and overwrite the cookies with the passed in values.
*
* The theory is that at this point (BeginRequest) the cookies have not been ready by
* the Session and Authentication logic and if we update the cookies here we'll get our
* Session and Authentication restored correctly
*/
try
{
foreach (string paramName in paramNameToCookieName.Keys)
{
string cookieName = paramNameToCookieName[paramName];
if (HttpContext.Current.Request.Form[paramName] != null)
{
UpdateCookie(cookieName, HttpContext.Current.Request.Form[paramName]);
}
else if (HttpContext.Current.Request.QueryString[paramName] != null)
{
UpdateCookie(cookieName, HttpContext.Current.Request.QueryString[paramName]);
}
}
}
catch (Exception)
{
}
}
static void UpdateCookie(string cookie_name, string cookie_value)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
if (cookie != null)
{
cookie.Value = cookie_value;
HttpContext.Current.Request.Cookies.Set(cookie);
}
else
{
cookie = new HttpCookie(cookie_name, cookie_value);
HttpContext.Current.Request.Cookies.Add(cookie);
}
}
}
}
Modify it to keep track of your cookies, it currently check cookies for
- ASP.NET session
- Forms Authenticatio
- Umbraco cookies
It checks for both post and request parameters. You client side code must make sure that these parameters are sent to the server (I send these parameters in a jQuery ajax POST call).