I'm calling remote images with with a Loader and the context has checkPolicyFile=true, images load fine with urls like :url....the only difference being escaped characters, is this a bug or am I doing something wrong?url...
View 1 RepliesI try to download an external SWF and run it within the AIR security sandbox.
this is the code of the AIR application:
public class Downloader extends Sprite
{
private static const REMOTE_FILE:URLRequest = new URLRequest("http://myserver.com/downloadable.swf");
[Code]...
So - what Do I need to do to prevent such security errors? I want my remote SWF to be treated as native code running in the same security sandbox as the AIR code.
I have a problem with the security sandbox in my site. I want to use a data grid with a xml coming from another domain.I have prepared a crossdomain.xml file with this structure:[code]I have put this file in the public_html folder of my host, and also inside the same folder of my app but still not working..
View 2 RepliesThe code below is simplified for example I'm developing an AIR application (using Flex) which loads several of its images from a remote web server. The images display fine, however, whenever I'm manipulating the containers which hold the remotely-loaded images, I get errors in my console:
[Code]...
The images don't seem to be affected, but I don't like having errors displayed that I don't understand. Here's a sample app that exemplifies the problem:
[Code]...
If I have a flash file that I'd like to test locally (on my computer) but I have video files on a flash video server and photos on another server, is there an easy way to set up my flash file so I can do this?
View 1 RepliesI get following error: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: [URL] cannot load data from 192.168.3.5:4854. at TicTacToe_fla::MainTimeline/TicTacToe_fla::frame1() ". I tryed to solve this problem about 3 hours, but I failed I have the file crossdomain.xml in the same folder like my .swf file on the server with this content:
[Code]...
I get a Flex 3 sandbox error #2048 after connecting to a Socket on a Java (1.5) server. The server code is all mine, i.e. not running under Apache. Flash Player 10.0 r32.The sequence is as follows...
1 Java server starts, listens on port 843 for policy file request and on port 45455 for my other requests.
2 Flex client served by Apache (although I get the same result if I run it from the file system), socket connection made on host:45455.
3 Flash Player requests policy file from port 843. This is the standard behaviour with the new security settings looking for a master file. It happens regardless of whether a different policy file has been specified.
4 I serve the following XML from Java through port 843:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*" secure="false"/>
</cross-domain-policy>
5 The player writes the following into the debug policy log...
OK: Root-level SWF loaded: http://localhost/bst/BasicSocketTest.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://192.168.2.3:45455 by requestor from http://localhost/bst/BasicSocketTest.swf
OK: Policy file accepted: xmlsocket://192.168.2.3:843
OK: Request for resource at xmlsocket://192.168.2.3:45455 by requestor from http://localhost/bst/BasicSocketTest.swf is permitted due to policy file at xmlsocket://192.168.2.3:843
6 I send a text message from the client to the server on port 45455 using writeUTFBytes() and flush() (this is my own home-baked message protocol, and is correctly processed at each end)
REG/REGISTER;simon;Si
7 Java server thread listening on port 45455 responds with
REG:0/REGISTER:SUCCESS;simon;Si
8 The Flex client receives a ProgressEvent and the event listener I bound to the socket gets called. I process the message (write it to a text box on the screen)
9 The Flash player throws a 2048 sandbox error and the socket is disconnected! This is after the message is received and processed successfully. In fact it is about 12 seconds after. Nothing else works through the socket.
I have tried explicitly loading a policy file with a call to Security.loadPolicyFile() in the Flex client, but the reality of the new player security is that it is basically ignored. The steps are that the policy request will not get sent until a socket i/o operation occurs. At that point the player always goes to port 843 first looking for a master policy file. If it finds one, and it is permissive, it goes no further.
I have tried a variety of alternative ways of terminating the policy file and policy file contents, including deliberate errors just to see if the Flash Player is awake.I can see no reason why I would have a 2048 being thrown. I accurately serve a socket policy file on the designated master security port, which the player itself logs as correct. The socket then successfully sends and receives a message from the server the contents of which are available to my code.
P.S. Please don't tell me to use BlazeDS or LCDS or Granite, or something else as a server, I'm looking for a solution to this problem, not a redesign. And please don't ask me to use an XMLSocket instead - I tried that and get exactly the same result. I have chosen my architecture carefully and deliberately and I want a binary socket.
EDIT :In response to James Ward's request in his comment, here is the entire error message:
Error #2048: Security sandbox violation: http://localhost/bst/BasicSocketTest.swf cannot load data from 192.168.2.3:45455.
I have a stripped down test client which has a handler for each socket event and outputs a message to the screen. This is what it shows:
RequestPolicy: 192.168.2.3:843
Create Socket: 192.168.2.3:45455
Connect: [Event type="connect" bubbles=false cancelable=false eventPhase=2]
Sending: REG/REGISTER;simon.palmer@gmail.com;Si
Receiving: REG:0/REGISTER:SUCCESS;simon.palmer@gmail.com;Si/
Close: [Event type="close" bubbles=false cancelable=false eventPhase=2]
Error #2048: Security sandbox violation: http://localhost/bst/BasicSocketTest.swf cannot load data from 192.168.2.3:45455.
The close event is fired immediately after successfully receiving a response from the server, however the Error #2048 does not appear until about 20 seconds later. If I try and send a further message after close, but before the error, the Flash Player throws an invalid socket exception.
I am working with strings that need to retain the details of line returns as they were typed in and also characters such as speech marks (they will contain ascii art). I have looked at using the escape function but this doesn't seem to work--
[Code]...
My SWF resides on domain A, is loaded by a web site on domain B and is trying to ping URL (URLLoader.load) on domain C. But I am getting "#2048: Security sandbox violation" .. why? Of course I have read the manual, I saw the security white paper but I do not understand it. Don't you know any blog or such where it is explained for dummies? With lots of examples and maybe a table showing what is allowed and what is not?
View 2 RepliesI am getting a strange problem while I am making my release build swf.The swf is supposed to make some internal server calls and then display the data and also play it.When I make a release build swf and excute it, while making server calls it throws exceptions likeSecurityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=falsecancelable=false eventPhase=2 text="Error #2170: Security sandbox violation:file:///Path to the swf/WebPlayer.swf cannot send HTTP headers to **Method Name to bring data from the server***]And after this nothing can be done as everything depends on the data from the server..I have updated my cross-domain.xml on the server to support the master-only policy file but that also didnt ..My cross-domain.xml is
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
[code]......
I haven't fully grasped how the flash security model works, and now I've ran into a problem. I have a base SWF that loads a game loader swf, which in turn loads the actual game.What I'm trying to do is taking a current bitmap snapshot of the running game. This works fine before the loader swf has loaded the game. When the game is loaded, I get a security violation because the game has images pulled from facebook. Is this something that can be solved on my end, or restricted by security in the game swf?
View 2 RepliesI have build my entire website with flash and embedded several swf objects (slideshows) into it. everything always worked fine when I published it as swf movie.but now that I want to upload my website an error message occurs saying:Error #2044: Unhandled SecurityErrorEvent:. text=Error #2140: Security sandbox violation: file:///mylayout.swf cannot load file:///slideshow_1.swf. Local-with-filesystem and local-with-networking SWF files cannot load each other.I know that it has something to do with the fact that one of the swf is local with filesystem and the other local with networking. but in my publish settings i told it to access local files only.but i dont really know what your are talking about. i am hosting my website at besides that i have not uploaded it yet. i am just testing it offline.
View 2 RepliesI'm building a flash project that will be ran with a wrapper of some sort to give flash extra controls. The issue I'm running into is streaming video from a web domain while the .swf is located locally on the users computer. I'd rather not ask my clients to go into adobe's security sandbox and allow it them selves. Is there a way to auto allow a file to communication externally for streaming? I know an Adobe Air app named Ambience that streams mp3s. Anyone know how this can be accomplished?
View 1 RepliesI have a WebView loading a swf using loadUrl(). My app saves files from the web locally and then uses flash to show them. Keep running into a 2148 error for the crossdomain.xml.around this and access files from the SD Card or application cache somewhere to show in a Flash component embedded into a WebView?
View 1 RepliesGoal: to make possible to make requests from flash running on local protocol (widget://, file://, chrome-extension://) without any special permissions on [URL]
Supposed solution: proxy swf file loaded in page with widget:// or file:// or chrome-extension:// protocol which loads into itself swf file located on http server. local swf bridge conects its own external interface to http swf file external interface.
This solution used in youtube movies, so you can embed any youtube movie into local page and it will be shown and played fine;
At the end we can get working soundmanager2 [URL] opened localy (file:// protocol), which can load and play music and video from internet. I need proxy for this version [URL]
Some relative [URL] How do I call a Flex SWF from a remote domain using Flash (AS3) ?
I need this to play music in opera extension (using widget:// protocol) for my project [URL] to let users play music without setting up special permissions
I have written a simple upload component in Flash, but I am now having issues in uploading due to a Security Sandbox error. I now know this is due to the fact I am uploading from one domain, to another, but 1, this used to work, 2, i have implemented a cross domain xml file by placing it in the root of the domain I'm serving from. There is also the following code at the top of my movie that used to work:
System.security.allowDomain("*"); Here is the plan, upload from admin.subdomain.serveraddress.net to serving.serveraddress.net, but it doesn't work
[Code]...
I mixed a.com and b.com in my original post, I'll try to rephrase stuff correctly:
A HTML page is loaded from a.com
The HTML embeds a Flash client from b.com
HTML contains a Javascript function that makes a connection to a.com, ie the origin of the HTML, not the origin of Flash
The Flash calls that Javascript function
Question: Do I need to have a crossdomain.xml in a.com?
while running my flash application i get the below error
* Security Sandbox Violation *
Connection to rtmp://system ip/live halted - not permitted from file:///F:/Flash
work/RTS/RT/vlab/BIOTECH/NEO/passive-properties-of-a-simple-neuron/vi-characteristics-of-
solarpanel.swf
-- Untrusted local SWFs may not contact the Internet.
SecurityError: Error #2028: Local-with-filesystem SWF file file:///F:/Flash work/RTS/RT/vlab/BIOTECH/NEO/passive-properties-of-a-simple-neuron/vi-characteristics-of-solarpanel.swf cannot access Internet URL rtmp://system ip/live.[code].....
Our partners are requiring that we display a news.swf in our flash app outside of its domain. This is causing a mess of sandbox violations. The loaded news.swf is more or less a black box although I dug around in a flash decompiler and what looks like the document class has:
Security.allowDomain("*");
Security.allowInsecureDomain("*");
This is also in the constructor of client.swf. I should also note that client.swf is embedded in client.html. So client.swf is loading news.swf and adding it to the display list. Once it is added to the stage it starts spitting out a handful of errors. Run on my local file system:
[Code]...
I'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.Here are the contents of the root crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies ="all"/>[code].....
Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player. When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http:[url].......I am using Flex 4 beta, and the App Engine Python runtime. I have tried full wildcard in the crossdomain, and even accessing the data endpoint at a relative URL so as to avoid this error.
i am currently trying to learn ZendAMF, but i have a hard time troubleshooting which makes learning it quite hard. Is there a way to make the PHP file throw an exception that gets traced as an error message in AS3 (not Flex), the only error i seem to be able to get is "Error #2044: Unhandled NetStatusEvent:. level=error, code=NetConnection.Call.Failed", but it tells me jack ****.
i have gotten ZendAMF working, i just want to know how i can make error handling better, so that as an example can use PHP to tell flash that no results were found, or that the typed text was invalid. Is it better to use AS3 to check if the field was filled properly?
I have a swf hosted at domain A, and I have a html at domain B My swf is able to be loaded from accessing the html at domain B. However, the swf gets a SecurityError: Error #2060: Security sandbox violation:
[Code]...
I have a small Flash app that generates a security sandbox violation when flash.net. URLLoader() is called.I have been very careful to check for mistakes in my network/security settings, e.g., -use-network=true, cross-domain policy file, Security.allowDomain(), Security.allowInsecureDomain()
, Security.loadPolicyFile(), etc.
I have been working on this issue all day.I have read every Web page I can find on the issue to no avail.***Objective***1) Upload a SWF file, XML config file, cross-domain policy file, JPG files, [code].........
I am building a project where I use an external API loaded from the web, and I also load files locally. As I understand it, I cannot load both local and external files without causing a security sandbox error.Once I open the API it seems to try and listen to mouse events and such, and causes a securityIts really annoying since I am trying to trace some debug outputs but I can't read them as they get overwhelmed by the error messages.I know I cannot fix it, but I would simply like to disable these warnings. Is there any way?(please don't post solutions to fix the error, I tried all of them)I just want to disable the messages.Here is the error message:
* Security Sandbox Violation * SecurityDomain
'http://agi.armorgames.com/assets/agi/AGI.swf' tried to access
incompatible context
[code].....
I am working on a existing Flash project (a Flash based game), where I need to integrate social login widget Gigya. I researched and finalized using Adobe Flash Platform Services Social. The problem is, I successfully integrated that in a test Flash file that I initially prepared. But when I integrate it in the source file of my actual Flash project, I get following error:[code]in my code, but it works in my initial test Flash (a minimal file with 2 frames and no extra components), but does not seem to be working for my actual game Flash.
View 2 RepliesTrying to load remote images into a flash sideshow local files work even if I use absolute path. I am updating existing gallery to dynamically pull images from Picasa.The php works fine and pulls the images from the API. But when I pass the XML to flash it wont load remote images. to ActionScript but it still wont work. The scrip for the sideshow is:
System.security.loadPolicyFile("http://photos.googleapis.com/data/crossdomain.xml");
System.security.allowDomain("*");
MovieClip.prototype.addProperty("onLoad", function () {
[code].......
I tried to deploy my otherwise working flex app on a web server (tomcat 6).It threw a Channel.Security.Error.After some research, I became aware that flash movie loaded from flash_movie_domain will not be able to load resource from any other domain.Some suggested adding a crossdomain.xml.However, the crossdomain.xml route doesn't quite make sense.In this case, I am loading resources from a third party web site.My understanding is that I need this third party website to include a crossdomain.xml on their root directory in order for app to function.The third party web service is provided as is. I will not be able to change what's given. Since the third party is providing public access, it already explicitly give permission to the general public. Adding a crossdomain.xml to their root seems to be a redundant act?
View 1 RepliesI have a Flash swf file on one of my pages that's causing a Security sandbox violation. Basically it's trying to load a php file to do some things with mp3 files on my server. It works just fine, unless someone types in the url without the 'www' in front of it.
[URL]
the problem occurs. It still resolves to my site, but the domain appears different to the Flash app, and so the error gets thrown.
I am loading an external swf file from the same domain into my main flash movie using an absolute path: The problem is that when someone goes to the site without the 'www' in the address: he movie throws a sandbox error upon trying to load the 2nd movie.I have a crossdomain in place set to: <allow-access-from domain="*" secure="false"/>.I also have: Security.allowDomain("*"); in the document class of the main moie.I realize I could use a relative path to load the movie instead of the absolute path, but shouldn't the cross domain file and/or the allowDomain command take care of the security issues? Is there another workaround besides the relative path?
View 1 RepliesI'm having a problem where #2048: Security sandbox violation error is occurring. The error is as follows (domain replaced with generics):Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: h[URL].. cannot load data from subdomain.domain.com:50001.I have a perl xinetd-based policy file daemon running on
[Code]...