Flash Cross Domain Policy For Apache
Dec 23, 2009I was looking around but couldn't find it where can I add the cross domain policy of Adobe in Apache server. Because without it, its not letting me access my XML on another server.
View 1 RepliesI was looking around but couldn't find it where can I add the cross domain policy of Adobe in Apache server. Because without it, its not letting me access my XML on another server.
View 1 RepliesWe're building an app that loads a user's photos from facebook. It seems facebook hosts these images across multiple hosts. Is it possible to dynamically add a cross domain policy, after a Security sandbox violation has occurred?
[Code]...
any one have a snip of code to allow the flash player to acess a cross domain policy file. i have one but its for as2 i tried it in as3 and it throws me errors.
View 4 Repliesdoes the cross domain policy has to be in the root of the website or can it be in any subdirectoy from which we wish to load images form another domain?
View 0 RepliesI'm getting an error:
Error #2048: Security sandbox violation: http://www.m.com/p/bin-debug/main.swf cannot load data from http://rateservice.m.com/rateservice.svc/.
My cross domain file at http:[url]....
<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*.m.com"/></cross-domain-policy>
using m as alias . how I'm gonna fix this as it should work. I done a firbug test and the cross domain is being found by lash in firebug
If I have my .swf files on "SERVER A" and they need to access my video files on "FMS SERVER B", on which server to I need to put a cross-domain policy file?
View 2 RepliesI have created a socket server on port 6666 because port 843 is in use on my mac.So when flash player request "policy-file-request" I return to it the cross domain xml, but I keep getting the security error that "cannot load data from".[code]As you see I receive the cross domain from the socket server.But I don't understand why flash player doesn't accept that?xmlsocket.connect("localhost", "6666");Does anybody have any idea why it throws that error "cannot load data from" ?
View 0 RepliesI have a SWF on that reads in XML URL's to images on sit. They wont load once the flash file is posted online.I am trying to understand the cross domain policy stuff but am confused? Some say the crossdomain.xml is supposed to reside on my site, others say the site I am trying to access. If the later is true I don't know to get them to add itAlso, what exactly is in the crossdomain file? One person said to redirect the policy
View 1 RepliesI'm accessing a server's sockets from the flash client using Flash CS3 professional.However, should I run it in debug mode OR run the .swf file, it doesn't connect.Fine, it's the crossdomain.xml file.I create and host this file using apache webserver, and it is accessible using firefox/ie.loadPolicyFile seems to work, BUT IT DISCONNECTS IMMEDIATELY.What am I doing wrong??
<cross-domain-policy>
<allow-access-from domain="*" to-ports="3300"/>
<allow-access-from domain="*" to-ports="3333"/>
[code].....
So I thought, shouldn't be much of a trouble to connect to a socket server from a different domain.Oh boy how wrong I was After several days of frustration, looking over multiple love docs, boards, etc, you get the picture I really haven't gotten anywhere figuring out why its not working. My connection routine is simple, load up a file policy from the server and then connect to it.
[Code]...
How do I write a cross domain policy file which will allow an xml file from [URL] and from [URL]? The only cross domain policy files I've ever used use * as allowable domains I don't want to do this.
View 1 RepliesI am having a heck of a time loading an image from Amazon S3.[code]...
Is there any way I can avoid having to hard-code the policy file path in my AS?
My swf works fine when previewed locally but because of flash cross domain issues (link below) doesnt work live. [URL] Ive used a 'crossbrowser.php file to .load in xml but am not having success with the sendAndLoad command. [URL]
View 3 RepliesThe company I work for has their own Flash based video player and the question I get from our execs is "Can we tell what website our player is embedded on?"At first, I hypothesized I could use Apache mod_rewrite, extract the HTTP_REFFER, and append it to the end of the requested URL. So as the browser gets http://.../viewer.swf, I could slap on ?However, I don't think our CDN will cater to our htaccess file. Plus, mostly all the access_log entries show a dash rather than the domain.So I'm casting this question our here to see if I catch any ideas or solutions. Currently, everything points to 'not possible'.
View 5 Repliespost the code for a working cross-domain securityfile that allows access only from the same domain as all the flashfiles and xml files are in?used to be easy in as2 but i think i dont know what i need to know about it in as3..
View 3 RepliesI have two swf files hosted on different domains [URL] and [URL]. a.swf is loading b.swf and trying to cast it to some interface. When both of these swf files are under the same domain everything works fine. But when they are under different domains I'm getting null after casting b.swf to the implemented interface IComponent. Both of these swfs are compiled with use-network=true and with the same IComponent.as.
[Code]...
As you might know, browser's security model does not allow a script loaded in a page from http:[url]... to make cross-domain requests (no AJAX calls to any other domain other than url...).The Javascript file itself could have been served from a different domain altogether (url....) and that is irrelevant. This is the Same-Origin Policy.
Flash also has something similar? But does Flash treat the origin to be the HTML page where the .swf file was loaded or origin is the domain which served the .swf file?
So http:[url]... loads a .swf file from http:[url].... Now .swf can load resources only from [url].... or only [url....? I'm assuming there are no cross-domain.xml files setup on either [url]....
I'm running a rails3 project with an external asset host for all javascript, images, swfs etc. This is on a completely different domain. So know I tried to embed some SWFs using swfobject. In development (same host) everything works fine, but in production (different hosts) it doesn't start the flash (firebug shows the file is loaded but nothing appears on the page). I already put this crossdomain.xml file in the root of the asset host but it does not change anything at all.
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
[code]....
What can I do to make it work? The SWFs I'm using are not developed by me, so I cannot change them. Some are simple sounds, others are videos and small "apps". I don't want to have to make rails serve the swfs.
I have a flash accordion embedded using SWFObject. The SWF and related XML file are hosted on one domain. I have about 10 sites embedding this SWF from it's hosted location, both the SWF and the XML. The accordion links to various pages of my domains. The domain in which the SWF and XML file are hosted, the links work as expected. The other domains that the SWF is not hosted on, the links do not work at all. I verified it's a cross domain issue by placing the SWF and XML files locally on each domain and they worked, but this is not how I want it setup. I attempted to use crossdomain.xml and allow access from all hosts but that didn't work either.
View 1 RepliesThe update to Flash 10.1 kills my cross-domain. Formerly, my file looked like this:
<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy>[code]......
I updated to this based on what I read on this site:
<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM [code].....
We are using SAP Business Objects Xcelsius, which creates the .swf file that users are using to access our environment. So, I do not have any control over the code base itself.
Lets say I have a PHP application using very cheap shared hosting. What is the best way to stream audio/video (mp3/mpeg) that is tens of megabytes to hundreds of megabytes in size. I am thinking of a PHP based cross-domain proxy that uses caching. Is there something wrong with this approach?
View 1 RepliesI have a SWF file which is on suppose [URL] and I have an cross domain file
[Code]...
I dont know that happend. When I user Firebug, the swf is looking for [URL] it is present there. But [URL] is not there(I can't put any corssdomain file there, because I dont have any access). The issue is image from (SESSION 1) is resizing and image from (SESSION 2) is not resizing on the COMPLETE Event.
We have a Flash application that is running within an HTML file.For one page we call a legacy reporting system in ASP.NET that is within an IFRAME. This page then communicates back to the Flash application using cross-domain scripting (document.domain = "domain" is set in both pages. Now the kicker. Flash has history tracking enabled.This loads the history.js file that created a div tag to store page changes so the back and forward buttons work in the browser.Which works for Firefox and Chrome as they create a div tag.In Internet Explorer, history.js creates another IFRAME (instead of a DIV) called ie_historyFrame.When the ScriptResource.axd code attempts to access this with:[code]At my wit's end on this one.We have users who need to use IE to access this site. They are big clients who we cannot tell to just use Firefox.
View 2 RepliesFlash cross-domain policy files only allow you to specify allow-domain-from tags.I'd like to know if there is a way to limit access as if the tag read allow-domain-to. In other words:[URL]...
Is it possible to achieve this without resorting to creating a special sub domain for flash callbacks?
I created an XML gallery in as3 that will be loading images from a different domain.
I have a .swf (swf1) on serverA that loads an XML from serverB. The XML on serverB points to the image locations located on serverB (I need to host the images on serverB because server A doesn't have enough room).
The images load fine from swf1 locally in Flash, but when I publish swf1 to serverA, the images do not load. My guess is that the XML on serverB is not being loaded correctly because I can see that swf1 on the webpage.
Here is how my XML is set up:
<?xml version="1.0" encoding="UTF-8" ?>
<images>
<image src="http://serverB/media/images/image.jpg" title="This is image 1"/>
</images>
[Code].....
I recently obtained two different domains that point to a subdirectory of another domain server. The swf file I created does not show up when I use the domains that are pointing to the subdirectory of the original domain.I placed an xml file into the root directory that contains the following code:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">[code]....
Nothing shows up. Is there something else I need to do make this work? I created the swf file using CS3.
What my swf (on mysite1.com) need to do, is that POSTing some php values from mysite1.com (paid hosting) to a file on mysite2.com (free hosting) and get the 100% of the html response. I've started this project in AS2 but I couldn't find a function that get the source of a website, so I recreate the project in AS3 with URLRequest and URLLoader. Everything went fine, I've finished the project, uploaded the file, and there comes the cross domain problem. I can't upload/modify any file on mysite2.com because I can only add pages/posts (like a blog). I've read at least 20 forums about this, but can't find the solution.
I know (from the manual) that in later versions of flash and/or AS, the swf file asked the user for permission (like now for the webcam). Is there a way to do this in as3 or any way to bypass the need of the crossdomain xml file? If no, what is that older flash version that can do this permission request or that don't need that xml, (but still can post to php files and get the whole response).
I'm really upset, because I worked a lot of hour on this, and I was so happy that I could finish it, but I didn't know that there is such a big difference in security between local and online swf files.
it's just not working for me I made a crossdomain.xml file that looks like this:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
i put that in the folder with the php file i want to access[URL]..
I am currently building an XML Socket Server that I am running locally on my computer. My flash client I build as an executable that runs on your computer and connects to mine via port 9000. I want however, to be able to run the flash client as a .swf in a web page on my website. I have a security policy but I don't know if I am using it right. My server is extremely basic still, it has no admin controls or even authentication or anything, right now it just spits back what it is given essentially, while I test out things and stuff. I just don't know how to handle any cross browser stuff.
********************************************All my code works as is if the flash file is compiled as a .exe from any computer. I have tested that. It just doesn't work as a .swf in a web browser.********************************************The file currently is set to just have the user type in their name and then when they move their mouse, it shows up on all other clients with their names next it it. Basically testing a real time activity updates.Here is my code and other files:My config.xml file:
HTML Code:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<config>
[code]......
I'm making a flash-based website which would use some information from a separate domain to update its contents. The XML file (document.xml) rests under one domain (let's call it updater2.net), while the core site rests under another (e.g., coredommain.net). I looked at some literature and I picked the simpliest method utilizing this small .php file (called loadXML.php here) and the A/S excerpt:
[Code].....