When installing and configuring CKFinder, sometimes it may happen that for unknown reason CKFinder doesn't work as expected, for example it returns an error about insufficient permissions ("It was not possible to complete the request due to file system permission restrictions."). In such case it might be more usable to run the debug version of server connector to find out what's the problem.


To use CKFinder for ASP.NET in debug mode, add <compilation debug="false"/> to the web.config.

<compilation debug="true" />


Apart from setting compilation element, the debug version of CKFinder binaries: CKFinder.dll and CKFinder.pdb should be copied to the "bin" directory of ASP.NET application. Both files are available in the ckfinder/bin/Debug directory.

When debugging problems with file uploads, using a tool to trace HTTP connections, like Fiddler, might be helpful.

Warning: it is not recommended to run production ASP.NET applications with debug mode enabled.

Flash Upload Problem

Note: the flash upload component has been completely removed in CKFinder 2.6.

As of CKFinder 2.1 we have introduced a new Flash component for multiple file upload. It is working great except in one situation. When you use your own authentication method in CKFinder (you have overridden the checkAuthentication() method), based on a variable placed in the session scope, in browsers other than Internet Explorer you might see the following error while trying to upload images: "The file browser is disabled for security reasons. Please contact your system administrator and check the CKFinder configuration file".

CKFinder Flash Upload Problem

This is happening because of an old Flash "cookie bug". If you are interested in seeing reports on this issue you can follow the links below (login is required):

To sum up the problem: as you probably know, the browser has a cookie space which is designed to store cookies that are used for the communication with the server. When the Flash component (embedded in the Web page) is being initialized, it creates its own separate cookie space in non-IE browsers from which unfortunately wrong or no cookies are sent. If correct cookies are not sent, sessions and cookie-based authentication will not work.

To work around this problem we have created a dedicated HTTP module named FixFlashCookies which retrieves appropriate cookies on the server side. If you are using the Flash upload component together with session scope variables to identify your user, make sure this module is enabled in your web.config.

    <add name="FixFlashCookies" type="CKFinder.Utils.FixFlashCookiesModule" />

Alternatively, in most cases enabling cookieless in the web.config file should solve this issue as well:

  <sessionState cookieless="true" />

Disabling FCN

When File Change Notifications (FCN) are turned on, session state may be lost after deleting a subfolder. See this blog post on msdn to find out more about this issue. This might be a problem when using CKFinder, i.e. user might be automatically logged out after deleting a folder.

A resolution for this problem (apart from suggestions in the blog post mentioned above) is using a special HTTP module that disables FCN provided with CKFinder, named StopAppDomainRestartModule. To enable this module, add the following to web.config inside the <system.web> element:

<add name="StopAppRestartOnFolderDelete" type="CKFinder.Utils.StopAppDomainRestartModule" />

Note: this solution will not work in medium trust environment.

This page was last modified on 5 December 2015, at 17:08.