Flex :: Https - Protocol For Crossdomain.xml In App?
Oct 20, 2010
I've changed the protocol for my flex app from https to http and flashplayer still wants to download the crossdomain.xml using https though with the port for http. [URL]..
View 3 Replies
Similar Posts:
Feb 8, 2012
what's the best and shortest way to get this information?
i've read about BrowserInvokeEvent which contains a boolean of the sort - [URL]
yet i havn't been able to implement it.
View 1 Replies
Jan 25, 2010
I want to create flash banner with XML content, and host it on my site with crossdomain.xml, and then share banner code with other sites for banner exchange.So, everything is on my server.Will loading banner, on other sites, load XML from my server, if both banner and XML resides on the same server, but banner is loaded on the other site?
View 1 Replies
May 24, 2011
I am working private network.This alread developped product which implemented using TCP(client server technology). Existing product is as follows
-There is a UI which is developed using flex, where user can see video or snapshot
-There is a server which is developed using c++,which redirects request from UI to gateway.
-There is gateway which is connected with the Camera,which stream video to UI through server.
Now we wanted to add p2p technology to existing client server.So it will support TCP as Well As UDP.Presently we are exploring flex and XMPP to implement the p2p.as newer version flex of flex support p2p using RTMFP, but thats the propriety protocol of adobe.if we use RTMFP we need to change all the existing code that we dont want.I wanted to implemented to p2p using flex client(UI) which will use XMPP to communicate with Gateway and Server. Is it possible to use XMPP from flex code.Will XMPP support UDP p2p or not.
View 1 Replies
Jan 15, 2010
I have a Flex frontend connecting via RemoteObject to Zend Framework's Zend Amf. This is my only means to transport data between client layer (Flex) and the application and persistence layers (LAMP with Zend Framework).Some ways I can address security are as follows:
I can address TLS by using mx.messaging.channels.SecureAMFChannel in my services-config.xml file and ensuring Flash player is loaded into a HTTPS wrapper and is in fact using HTTPS since the AMF protocol is layered on top of HTTP RemoteObject has a setCredentials method with which I can pass AMF authentication headers to protect user related data. Assuming TLS was actually secure I can expose methods on the endpoint after authenticating the User.I can protect against cross-site scripting and other FLASH vulnerabilities with a properly set up crossdomain.xml how to I protect my endpoint against another AMF consumer? For instance, if there were another AMF consumer (not Flash so not bound by crossdomain.xml and Flash sandbox security) other than my Flex client that knew my endpoint, what would stop it from using methods that the endpoint exposes?
As far as I know I essentially need a way to authenticate my Flex application against my Zend Amf endpoint. After AMF consumer authentication, I have some of the security mechanisms I mentioned above to protect certain pieces of data (like User authentication). I can not embed some sort of authentication mechanism into my Flex swf because the swf is vulnerable to decompilation (the swf can not be trusted). While sensitive data is protected via User authentication the unprotected data is hardly public but as far as I can tell is totally open for public consumption.
View 2 Replies
Apr 7, 2011
How can i settings crossdomain.xml my flex project.* this is my crossdomain.xml.
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
[code].....
I've tried lots of different methods but my project send error message "Security error accessing url Unable to load WSDL. If currently online, please verify the URI and/or format of the WSDL [URL]"
put the file in different places
C:wampwwwMYPROJECT�in-debugcrossdomain.xml
(my swf url : http://localhost/bin-debug/test.html checked http://localhost/bin-debug/crossdomain.xml its ok)
C:wampwwwcrossdomain.xml
I added the load line of the project
protected function application1_initializeHandler(event:FlexEvent):void
{
Security.loadPolicyFile("http://localhost/MYPROJECT/bin-debug/crossdomain.xml");
}
if flex server type select none everythings ok. but server type select PHP need crossdomain.xml how can i fix.
View 1 Replies
Jul 11, 2010
I need to develop client server application that involve gaming. I have no experience in flash and I was reading about the AMF3 protocol that is compact and fast, is it better than xml/json for data exchange? Also I need it to be on port 80.
View 2 Replies
Dec 4, 2009
Is it possible to use the flash.net.NetConnection object to connect to my Flash remoting enabled web application over HTTPS within Tomcat or any other servlet container?
I am using the SpiceFactory cinnamon project for amf remoting and have searched for examples of using HTTPS but see only the reference to a proxy type in the NetConnection object.
If someone could provide a reference or example that would be awesome. Or if it is not possible using the flash.net.NetConnection object are there any recommendations of how to configure HTTPS for the spicefactory cinnamon library.
View 2 Replies
Dec 14, 2009
How can I add a crossdomain.xml to the root of my Hudson server? I'm working on a Flex->Hudson bridge and I'd like to access it directly, instead of relying on a proxy to do it for me.
EDIT: This is standalone Hudson, not running on any application server.
View 2 Replies
Apr 4, 2011
where should I put the crossdomain.xml to my grails app? I need to use webservices from external domains in my flex client app. I put it into my web-app folder but it seems not working..
View 3 Replies
Dec 21, 2009
I am building a FLEX web application that also has a payment module where the user needs to enter his credit card details.
The whole Flex application runs on HTTP. However, whenever the user lands on a page where we ask for credit card details, we want these details to be sent over HTTPS.In this page we need information from the model of the application, because it holds certain selection the user did, the state the application is in, etc.
Do I need to make this page a Module that runs on HTTPS?
Or can I just configure the specific 'credit card' services (we have a JAVA back end) so that these run on HTTPS?
View 1 Replies
Feb 8, 2010
Is there a way to inspect HTTPS traffic from Flex applications compiled to SWF files?I'm trying to use Fiddler for this, have added DO_NOT_TRUST_FiddlerRoot to my Trusted RootCertification Authorities so my IE now can access other HTML sites that would normally complain about untrusted certificate. However, the HTTPS traffic from the SWF file still doesn't appear in Fiddler and, in fact, the Flex app wouldn't work (HTTPS with a self-signed certificate is not supported by Flex apps I believe). Is there a way around it?Update: To be clear, I am interested in the traffic between the SWF file running under Flash Player and the server (typically, Flex components like HTTPService will be used for this). The SWF file itself can be served via HTTP or HTTPS, it doesn't really matter.Clarification 2: Don't assume that the source code is available for the SWF file. If it was, Flash Builder 4's Network Monitor could be used.
View 3 Replies
Oct 5, 2011
I'm trying to configure BlazeDS to work over HTTPS. We've got Apache in the front that is set to redirect all http traffic to https. Apache then communicates with the application (a JBoss AS 5.1) via http. I've tried a lot of configurations for BlazeDS, and finally the following solution worked for me:
services-config.xml
<services-config><services>
<service-include file-path="remoting-config.xml" />
<service-include file-path="messaging-config.xml" />
</services><channels>
[Code] .....
The thing here is that in my-secure-amf channel, I use mx.messaging.channels.SecureAMFChannel in the channel-definition, and flex.messaging.endpoints.AMFEndpoint (not flex.messaging.endpoints.SecureAMFEndpoint). This has probably something with the Apache-Jboss setup to do, but I haven't found anything that explains what the different tags actually define. To get some sense in all of this, what happens when defining channels and endpoint, using different urls and classes?
View 1 Replies
Feb 18, 2010
I am trying to do a "hello world" level test of FTP in Flex, but for three days now, I cannot overcome the issue with how to coerce flex into accepting my crossdomain policy - even for testing purposes.Here is my code: The exact error text follows.
[Code]...
View 3 Replies
Apr 28, 2010
I am trying to connect to a socket server from flex. I read, on adobe's documentation, the client automatically sends a "request-policy-file" xml element to the socket before allowing it to be opened, and should receive a policy file.
The client sends the xml element as expected, My server receives it (on the port I want to use, port 6104) and replies on the same port with:
[Code]...
View 1 Replies
Aug 10, 2010
I am trying to build a youtube player with flash and everytime I load a video, there is a runtime security sandbox error..I already put crossdomain.xml in my root serverbut I am still getting the errors...Do I miss something? Do I have to load it into my flex project?
<!-- <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
[code].....
View 4 Replies
Feb 7, 2011
How do I set the flash crossdomain.xml file to only allow https ssl secured connections? I have this but I think this will allow non secure connections too.
< cross-domain-policy >
< allow-access-from domain="*" secure="false" / >
< /cross-domain-policy >
View 1 Replies
Feb 16, 2011
I would like to know how to configure the flex crossdomain.xml in tipfy with the Google app engine skd. Tipfy is a framework using in Gae. I would like to know: where I can place the crossdomain.xml, in the root or other place, do I need script to redirect to the xml, what files that I need to modify, eg. app.yaml. Any other things or file I need to modify or create to make it work.
View 2 Replies
Jan 13, 2010
I want to make an https call using HttpService. My code is working perfect when the url is http, but when i can the url to https is gives me the following error [code]...
How should I make a Https call?
View 2 Replies
Jan 24, 2011
My swf is being served via http protocol. I don't really see this being easily changed. There's a resource that a website has opened up via their api that I need to access but it is using https protocol. Because of this my swf can't access the resource because of security settings.
Option 1 would be to serve my swf via https. I can't do this at the moment.
Option 2 would be set secure="false" property of the cross domain policy file. I can't do this, I dont have access.
View 1 Replies
Oct 3, 2010
in my flex application:[URL].. when i run my app, I catch this error:
SecurityError: Error #2123: Security sandbox violation: Loader.content: http://mySite.com/2/BusFlex/BusProducts.swf/[[DYNAMIC]]/2 cannot access http://cs9621.notMySite.com/u7397474/c_b51d9fe6.jpg. A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
[Code]...
View 3 Replies
Mar 29, 2011
I am trying to get the RequestToken with flex from
[Code]...
View 3 Replies
May 26, 2011
I've created a Flex app which uses Coltware's airxmail to send SMTP messages. It calls a locally-hosted SMTP server (hmailserver), which relays the email out as appropriate. When run within the Flash Builder environment, everything works as intended. I can also send email both locally and remotely from the SMTP server using telnet, so I know that it's not a problem with the server. When hosted on the email server box itself, outside of the GUI, the app fails to send email. I've created a crossdomain.xml file to allow this access, but I don't believe it's configured properly.
[Code]...
View 1 Replies
Jan 9, 2012
I have a Windows Server 2003, with a domain: "mydomain.com" and everything goes right until the Flash application tries to load de crossdomain.xml, because it tries to load it from "servername" and obviously the request fails. Currently I have read all about crossdomain.xml , what it is, where it goes although I can not find what I have to do so my flash application requests the crossdomain.xml from my domain "mydomain.com" and not from my server "servername".
- The domain is up and can be accessed from the internet
- The crossdomain is on the root folder and also can be accessed from the internet
View 2 Replies
Jun 17, 2009
I've been trying to find the right configuration for supporting both http/s requests in a Flex app. I've read all the docs and they allude to doing something like the following:
<default-channels>
<channel ref="my-secure-amf">
<serialization>[code]..........
I'm running with Tomcat 5.5.17 and Java 5.The BlazeDS docs say this is the best practice. Is there a better way? With this config, there seems to be 2-3 retries associated with each channel defined in the default-channels element so it always takes ~20s before the my-amf channel connects via a http request. Is there a way to override the 2-3 retries to say, 1 retry for each channel?
View 4 Replies
Jan 20, 2011
I'm having an epic amount of difficulty trying to get a result from a httprequest to a https address.I'm loading a policy file from the address but I'm still getting the 2048 security error.I load my policy file like so in my preinitilize handler.
private function preint(e:FlexEvent):void
{
Security.loadPolicyFile("https://api.soundcloud.com/crossdomain.xml");
[code]......
View 1 Replies
Aug 2, 2011
I am developing a flex application with flex 4.1 sdk and java backend (runs on Glassfish 3.1 via http). For security reasons I decided to move my authentication process to https until a session id is obtained. Therefore I changed the filter settings to use ssl for login and logout pages(just two pages due to performance reasons. The data-size sent to client is large and I do not want to slow down the system). Glassfish forwarded these pages to 8181 port (which is HTTPS port). Everything is ok for the java part. However flex defines the 8181 port as a different domain and then problems arise. Due to flash's same-origin policy it cannot load the secured content. Normally a crossdomain.xml is the solution but I am accessing content of the same domain through a different port. What will be the solution ?
View 1 Replies
May 4, 2010
How can I consume a webservice that hasn't explicitely created a crossdomain.xml? I understand it's for security and to prevent cross-site scripting, but it does seem like a major limitation to the Flex framework. For example, if I want to consume a webservice, which is suppose to be language agnostic, then I can't with Flex. The webservice/server has to be specifically prepared for Flex/Flash. If it's not, then it cannot be consumed.
View 3 Replies
Aug 10, 2010
I am trying to add a crossdomain file for my flash project...haven't done it before..and there are not too much information online.
View 2 Replies
Oct 29, 2010
I have an issue with an asmx service I am trying to access. No crossdomain file. I read there is a way around this using HTTPService instead of a webservice. Still cannot load the wsdl. See code below.
var dataService:HTTPService = new HTTPService();
dataService.url =
"http://flexmappers.com/proxy.php?url=http://www.server.net/carbon.asmx";[code]....
View 2 Replies
