Swf - Can't Get It To Work: Crossdomain.xml And Flash
Jun 28, 2010
I have a (self-created) swf demo with button triggering getUrl('SampleTargetPage.html')Now I want to place the swf at our cdn at [URL] while my html page resided on [URL]More structured:
[URL]
I thought it would be sufficient to provide a crossdomain.xml at cdn.example.com to allow the links work. But: it seems like the Flash plugin never queries the crossdomain.xml at all!Now, is there something which I must add in the SWF itself to make this work?
edit: do I need to use Security.loadPolicyFile?
edit: Maybe I don't need the crossdomain.xml at all because everything's under [URL]?
View 2 Replies
Similar Posts:
Aug 20, 2009
I am developping this video player: In the exemple above, the player is loading this start image, to display it before the playing of the video:Here, I then tell the player to load the same image, but on another domain: As you can see, it doesn't work anymore. I searched on Google and discovered that I theorically had to add a crossdomain.xml, to make sure that there isn't security protection that avoid swf to load images from other domain. so put these two files on my different domains, to tell the swf to accept files from all * domains
View 2 Replies
Jan 25, 2010
I want to create flash banner with XML content, and host it on my site with crossdomain.xml, and then share banner code with other sites for banner exchange.So, everything is on my server.Will loading banner, on other sites, load XML from my server, if both banner and XML resides on the same server, but banner is loaded on the other site?
View 1 Replies
Dec 2, 2009
how to get crossdomain acsess do worke what is wrong with this code? , do i need to add something else?Do i need to set the loadPolicyFile on all load function or can i just set it once in the document class constructor? [code]
View 1 Replies
Sep 2, 2010
I have a flash app hosted at The contents of that crossdomain.xml file are as follows:
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
[code].....
View 2 Replies
Nov 3, 2009
I have a web service running in http://server/abc/service which is being accessed by Flash from a different domain. I deployed a cross domain policy file to http://server/abc/crossdomain.xml and made the Flash load it using: flash.system.Security.loadPolicyFile("http://server/abc/crossdomain.xml");
in the constructor of the main movie clip. However, when the Flash starts, it requests and loads this file (observed in Firebug), but then it also requests it from the root of the server (i.e. from http://server/crossdomain.xml) which does not exist. Subsequent HTTP requests don't work reporting security cross domain errors. When I put the policy file to the root of the server, it all works. Why does it request the policy file from the root as well even thought it loads it from the subdirectory? Why the subdirectory policy file is not enough?
I should also note that the two policy files are loaded before any application HTTP requests are issued.
View 2 Replies
Apr 28, 2010
I am trying to connect to a socket server from flex. I read, on adobe's documentation, the client automatically sends a "request-policy-file" xml element to the socket before allowing it to be opened, and should receive a policy file.
The client sends the xml element as expected, My server receives it (on the port I want to use, port 6104) and replies on the same port with:
[Code]...
View 1 Replies
Aug 10, 2010
I am trying to build a youtube player with flash and everytime I load a video, there is a runtime security sandbox error..I already put crossdomain.xml in my root serverbut I am still getting the errors...Do I miss something? Do I have to load it into my flex project?
<!-- <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
[code].....
View 4 Replies
Oct 27, 2010
I have updated the crossdomain.xml security settings for my site - but it seems that the older version is being cached in both IE and Chrome.I've checked the headers sent by the server and it's not sending any cache control headers that would be forcing the browsers to be caching crossdomain.xml.
In an attempt to get around the issue I've also linked to my crossdomain.xml file in an iframe on the site. This hasn't worked though and flash still seems to be using the old security settings.
View 2 Replies
Nov 2, 2010
How can I disable crossdomain.xml check when the executing swf has been loaded on localhost?
Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation: http://localhost:2541/xxx.swf cannot load data from http://www.com/xxx.swf.
I want to assign full trust to the HTML5 web application running locally. I want to disable any crossdomain checks.
Some external servers do not provide crossdomain.xml for their hosted SWF files.
I am running locally. I want to have full trust for debugging purposes.
How do I do that?
I will not consider AIR as it cannot be used from HTML5 application.
Adding the url "http://localhost:2541/xxx.swf" to "C:UsersArvoAppDataRoamingMacromediaFlash Player#SecurityFlashPlayerTrustu.cfg" did not help.
[URL]
View 3 Replies
Feb 7, 2011
How do I set the flash crossdomain.xml file to only allow https ssl secured connections? I have this but I think this will allow non secure connections too.
< cross-domain-policy >
< allow-access-from domain="*" secure="false" / >
< /cross-domain-policy >
View 1 Replies
Apr 12, 2011
The player loads a flv video file seeon.flv from another domain.Currently, even without a crossdomain.xml in the server where seeon.flv is located, the video is loaded fine.This is not the behavior I want or expect it to be.I also tried putting a crossdomain.xml with the following content:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="none"/>
</cross-domain-policy>
From firebug, I could see that there's a request to the crossdomain.xml before accessing the video file (seeon.flv).It returns the content fine , with the Content-type of application/xml, but it still allow the cross domain behavior.
View 1 Replies
Aug 10, 2010
I'm building a Flash based RSS reader, to be run on a kisok, but it's getting tripped up by crossdomain issues. In the abstract: SWF loads local TXT file containing paths of remote RSS feeds (XML files), then loads the feeds stored at those remote paths.
[Code]...
I was under the impression that an single asterisk/wildcard in quotes would mean any domain could access content on that server. But it's not working that way. I've tried changing the Publish Settings to "Access Local Files Only," and "Access Network Only," to no avail. I've also tried adding all of the relevant files to the trust list in Macromedia's Global Security Settings page.
View 2 Replies
Mar 29, 2011
I am trying to get the RequestToken with flex from
[Code]...
View 3 Replies
Jun 22, 2011
If you want to use content on another server, that server needs to host a crossdomain.xml file allowing access. If this file isn't there, flash won't let you access it. Given that it's easy enough to just write a proxy (say a php script that curls the external URLs) what is the purpose of this restriction? It seems that the content is still 100% available to external people, but there is just one extra hoop to jump through.
View 2 Replies
Aug 2, 2011
I'm writing a web application using three tier architecture. I have three Amazon EC2 ubuntu servers. The first server handles the presentation of the application and includes my main flash file. The second EC2 instance represents my application server. It contains the AMFPHP files and corresponding web services. Finally, the third instance handles persistance and is running a MySQL database. Both the presentation and application servers are running an apache web server. I created security groups specific to each tier such that the presentation layer will accept all incoming traffic on port 80 while the application layer will only accept incoming traffic from the presentation server. This should allow anyone to request my web application from the presentation server but prevent anyone from accessing the web services on my application server.My flash application cannot make web service calls to my application server. When a request is sent, I never receive a response from the server and eventually receive a security sandbox error.[code]It seemed odd that I wasn't receiving a response, so I decided to try a couple of things:
1. I connected to my presentation tier via ssh and attempted to use lynx to connect to my application server's gateway.php. I was able to connect without any problems.
2. I used Chrome's developer tools window to observe network traffic when loading my site. I found that it is attempting to load the crossdomain.xml file (which resides in the root of my web server [/var/www] on the application tier) using a GET request; but strangely, it times out and fails. This is where I am confused. How come I can use lynx on the same machine to connect to the web server on the application tier but yet the flash app can't access the same file?
While running some tests, I decided to open up the application server instance's firewall such that it can receive http requests from my IP. As soon as I did this, the application being hosted on the presentation tier immediately began working (Received a response from the web service)! However, this means I would have to force my application tier to accept http requests from the internet in order to work, which is not something I want to do. I don't understand why making this change would allow the application to grab the crossdomain.xml file. If the application server's security group is set to accept incoming http requests from the presentation security group, it should have no problem acquiring the crossdomain. xml file residing in the web server root of the application server right? I've spent more time than I would like looking into this issue. I really would like to setup a three-tier environment for my application in which the flash application will be able to send web service requests to my application layer. The most confusing part about this is the fact that when I add my computer's IP address to the application server's firewall, everything seems to magically work as intended. Please correct me if I am setting my application up in the wrong way. I am basing my architecture off of the following:URL..
View 1 Replies
Jan 9, 2012
I have a Windows Server 2003, with a domain: "mydomain.com" and everything goes right until the Flash application tries to load de crossdomain.xml, because it tries to load it from "servername" and obviously the request fails. Currently I have read all about crossdomain.xml , what it is, where it goes although I can not find what I have to do so my flash application requests the crossdomain.xml from my domain "mydomain.com" and not from my server "servername".
- The domain is up and can be accessed from the internet
- The crossdomain is on the root folder and also can be accessed from the internet
View 2 Replies
Dec 8, 2009
With a looming deadline for a big project, I've just wasted an entire evening trying to find out why my application won't properly load image content when the .swf is deployed to a web server.
Here's what I'm trying to do:
- load a jpeg image from a different domain than where my .swf's are hosted
- turn it into a Bitmap object to apply smoothing
Loading the jpeg itself is no problem, as long as I do this:
[AS]addChild(loader);[/AS]
As soon as I try to access loader.content, or loader.contentInfo.content to create a Bitmap, Flash simply aborts the script.So there you have it: a typical security sandbox violation (although no error is ever thrown). Solution: crossdomain.xml! Or that's what I thought.Now the image host has a crossdomain.xml in it's root, with *.rocketclowns.com as an entry. I'm testing my app from www.rocketclowns.com.Even if I try to force load the policy file:
[AS]Security.loadPolicyFile()[/AS]
Or, with LoaderContext:
[AS]// create a loader context that
// checks for policy files
var context:LoaderContext = new LoaderContext();
context.checkPolicyFile = true;
// use the context with your call to load
myLoader.load(request, context);[/AS]
...I still can't access my loader.content.
View 1 Replies
Aug 10, 2009
I have written a simple upload component in Flash, but I am now having issues in uploading due to a Security Sandbox error. I now know this is due to the fact I am uploading from one domain, to another, but 1, this used to work, 2, i have implemented a cross domain xml file by placing it in the root of the domain I'm serving from. There is also the following code at the top of my movie that used to work:
System.security.allowDomain("*"); Here is the plan, upload from admin.subdomain.serveraddress.net to serving.serveraddress.net, but it doesn't work
[Code]...
View 1 Replies
May 4, 2010
How can I consume a webservice that hasn't explicitely created a crossdomain.xml? I understand it's for security and to prevent cross-site scripting, but it does seem like a major limitation to the Flex framework. For example, if I want to consume a webservice, which is suppose to be language agnostic, then I can't with Flex. The webservice/server has to be specifically prepared for Flex/Flash. If it's not, then it cannot be consumed.
View 3 Replies
Aug 10, 2010
I am trying to add a crossdomain file for my flash project...haven't done it before..and there are not too much information online.
View 2 Replies
Dec 7, 2010
I'm doing a Flash Banner for an ADv campaing. Since the max swf file size allowed is very low, I'm trying to load external JPG images from the main server.Reading the crossdomain policies for Flash movies I see that:You cannot load variables or XML data into a Flash movie from another domain.
It's the same with static files as Jpg images?I'm testing the banner with various results: looking in Firebug, images are always loaded, but sometimes they appear, sometimes not, sometimes only the first time (it's a loop). There are no warnings however.
Loading the Banner with the same domain as the static images always works.I also tried to put a crossdomain.xml file on the domain that serves the static images, but problem seems to continue (maybe Flash cache that request somewhere..
View 1 Replies
Jan 24, 2011
I'm using YUI file uploader based on flash, and the flash requests host/crossdomain.xml file. I'm requesting localhost and it requires this file. I was using this before and I have never had this problem and I've never had this file on my server.I've never used any adobe technologies, could please anybody tell me if it is possible to turn it off somehow ?The problem is that I can't have the file on my server, at least at root location...
View 2 Replies
Jul 24, 2011
We have a lot of crossdomain.xml files at my company. Every service that has Flash availability needs one. Keeping them in sync is annoying, so I'd like to be able to have just one crossdomain.xml file hosted somewhere, and then http redirect (302) all the requests to that central location. Is this possible? I can't find documentation anywhere on the web about the rules.
View 1 Replies
Apr 11, 2012
I'm trying to display some Facebook video thumbnails in a Flash application, all of the video thumbnails I try to load seem to be hosted at [URL]. However [URL] cannot be loaded (Access Denied). Is there some way around this? (other than loading the images through a proxy). Maybe an alternative url which can be used?
View 2 Replies
Sep 13, 2011
I monitor (and log to server) most user errors in our flash game. Quite frequently I see security errors related to trying to make requests to a cross-domain URL (usually the Facebook Graph API). 99% of our players can make these graph API calls with no issues.What I think is going on is that the client makes a request, but fails to load the crossdomain.xml file. I don't quite know how AS3 handles this in the case of a failure to load the crossdomain policy file...will it retry for every URLRequest made until it succeeds in loading it, or does it just give up forever?
View 2 Replies
Jun 3, 2011
I've got a small client/server test application where I have a Flex app that makes an HTTP request of a server app. The server app is a script running on my local machine, listening on port 8001. The client is a swf that I am running locally, and uses mx.rpc.http.HTTPService to make the page request.
The HTTPService is being set up as per below:
_HttpService = new HTTPService();
_HttpService.url = "http://localhost:8001";
_HttpService.contentType = "text/xml";
When I make a basic page request, my server app is first receiving a "GET /crossdomain.xml HTTP/1.1" request, which is failing since I don't have a crossdomain.xml file in place. The reason I don't have one in place is because this is all happening on my local machine (for now) and I shouldn't need one (I don't think).
I definitely had this code working before without a crossdomain.xml when I was using Flex 3.x. I thought I had it working with Flex 4 as well. Now I'm using Flex 4.5. Is there an issue here, possibly due to security policy changes?With all of this happening on localhost, why is the Flash player requesting a crossdomain.xml file?
[code]...
View 2 Replies
Aug 10, 2010
I am trying to build a youtube player with flash and everytime I load a video, there is a runtime security sandbox error..I already put cross domain. xml in my root server URL... but I am still getting the errors...Do I miss something? Do I have to load it into my flex project?[code]
View 1 Replies
Dec 14, 2009
How can I add a crossdomain.xml to the root of my Hudson server? I'm working on a Flex->Hudson bridge and I'd like to access it directly, instead of relying on a proxy to do it for me.
EDIT: This is standalone Hudson, not running on any application server.
View 2 Replies
Apr 4, 2011
where should I put the crossdomain.xml to my grails app? I need to use webservices from external domains in my flex client app. I put it into my web-app folder but it seems not working..
View 3 Replies