I'm attempting to write a file to an ftp server with ActionScript. I've put a crossdomain.xml in the root directory, and my application accepts it: OK: Policy file accepted: ftp://ftp.mydomain.com/crossdomain.xml. However I still get a security sandbox violation:
*** Security Sandbox Violation ***
Connection to ftp://ftp.mydomain.com:21 halted - not permitted from https://www.mydomain.com.localhost/path/App.swf'
Does this have something to do with the .localhost loopback, or is there something off with my policy file? Something else? Any help is greatly appreciated.
P.S.: I've also tried Security.allowDomain and Security.allowInsecureDomain, but to no avail.
Related
I'm using symfony 4, What does error stands for ?
Warning: SessionHandler::read(): open(/var/lib/php/sessions/sess_634q91mh896b6aa4jpjvlihmar, O_RDWR) failed: Permission denied (13)
When a user logs into a Symfony application, session information is stored on the web server. By default Symfony uses the native PHP session mechanism, storing session info in a file in /var/lib/php/sessions/ on Linux systems. Your error message is output by PHP and means it got a permissions error creating or re-opening a session file.
The error appears only intermittently because PHP removes old session files randomly about every 1/100th or 1/1000th page load. (On some Linux variants, old session files are removed by a cron job instead.)
https://symfony.com/doc/current/session.html says:
"some session expiration related options may not work as expected if other applications that write to the same directory have short max lifetime settings."
Try to avoid having multiple processes writing to the same sessions directory. I think I got the error message because both an Apache web server and php bin/console server:start were running at the same time. One process may have removed the other process's session file.
See PHP manual and Symfony manual for how to configure writing to separate directories. For example, I changed {Symfony directory}/config/packages/framework.yaml:
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
# handler_id: ~
cookie_secure: auto
cookie_samesite: lax
handler_id: 'session.handler.native_file'
save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
gc_probability: 100 # Run garbage collection always for
gc_divisor: 100 # investigating this problem only.
Another possibility is a problem in your Symfony code can cause the error message. The Symfony documentation says not to call the PHP session functions like session_start() directly since Symfony classes call them. A bug in my code caused an exception which I speculate caused the error message.
Related stack overflow questions: cleanup-php-session-files and how-does-php-know-when-to-delete-a-session
For those familiar with C code, see the PHP interpreter source code line that prints the error here
Hope this helps!
Not related to symfony 4, but you have to fix permissions in your /var/lib/php/sessions/ directory
I am trying to use UploadObjectExample.java code to upload a file to OCI object storage. I am running into connection timeout error while connecting to the object storage URL. The same config file is used by OCI CLI to successfully upload files to OCI config.
Here is the Error log:
Exception in thread "main" com.oracle.bmc.model.BmcException: (-1, null, true) Timed out while communicating to: https://objectstorage.us-ashburn-1.oraclecloud.com (outbound opc-request-id: 1EB5AA4A7FD64D58A54F876AD0C9E83B)
at com.oracle.bmc.http.internal.RestClient.convertToBmcException(RestClient.java:572)
at com.oracle.bmc.http.internal.RestClient.put(RestClient.java:380)
at com.oracle.bmc.objectstorage.ObjectStorageClient.putObject(ObjectStorageClient.java:1053)
at com.oracle.bmc.objectstorage.transfer.internal.SimpleRetry$1.apply(SimpleRetry.java:34)
at com.oracle.bmc.objectstorage.transfer.internal.SimpleRetry$1.apply(SimpleRetry.java:26)
at com.oracle.bmc.objectstorage.transfer.UploadManager.singleUpload(UploadManager.java:111)
at com.oracle.bmc.objectstorage.transfer.UploadManager.upload(UploadManager.java:73)
at UploadObjectExample.main(UploadObjectExample.java:74)
Caused by: javax.ws.rs.ProcessingException: java.net.SocketTimeoutException: connect timed out
at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:284)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:278)
at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$0(JerseyInvocation.java:753)
at org.glassfish.jersey.internal.Errors.process(Errors.java:316)
at org.glassfish.jersey.internal.Errors.process(Errors.java:298)
at org.glassfish.jersey.internal.Errors.process(Errors.java:229)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:414)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:752)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:445)
at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:334)
at com.oracle.bmc.http.internal.ForwardingInvocationBuilder.put(ForwardingInvocationBuilder.java:141)
at com.oracle.bmc.http.internal.RestClient.put(RestClient.java:377)
Please test curl -v https://objectstorage.us-ashburn-1.oraclecloud.com from the same machine where the Java client times out, just to make sure there are no connection issues. If it works fine you may try to change the timeout value in ClientConfiguration. You can see more details here: https://github.com/oracle/oci-java-sdk/issues/92
Before creating a support ticket you might also try to create a new issue on github/oci-java-sdk.
without knowing more about the config file (I do not suggest you post it here), your home region and other elements it is very hard to help.
I would suggest you open a support ticket at https://support.oracle.com, making sure that you select the Cloud tab and the Service as "Oracle Cloud Infrastructure".
Are you using a proxy? If so, you may need to use the OCI Java SDK ApacheConnector.
This was an issue with the proxy. This was resolved by using the ash7 proxy.
I'm going to use axis2/c on windows to build a program, but when i click the "axis_http_server.exe" to start up the axis2/c server, nothing happened but a flashing window, i could't see the message "Started Simple Axis2 HTTP Server..." which was seen in the offical tutorial by apache, i've not changed anything but set the System's environment variable which was initial, so how can i open this?
i've turned to the directory axix2c/logs,the details in the axis2.log are as below:
....\src\core\deployment\conf_builder.c(903) Transport sender is NULL for transport http, unable to continue
....\src\core\deployment\conf_builder.c(262) Processing transport senders failed, unable to continue
....\src\core\deployment\dep_engine.c(752) Populating Axis2 Configuration failed
....\src\core\deployment\conf_init.c(64) Loading deployment engine failed for repository ../.
....\src\core\transport\http\receiver\http_receiver.c(126) unable to create private configuration contextfor repo path ../
....\src\core\transport\http\server\simple_axis2_server\http_server_main.c(215) Server creation failed: Error code: 103 :: Failed in creating DLL
I have been trying to download a zip file from my cpanel server but I was getting first 403 forbidden error so I added .htaccess with the following code as :
Require all granted so for the time my 403 forbidden error was solved but now I am getting 500 Internal Server Error..!
Here is link to the directory where I am getting error please as :
http://huntedhunter.com/backups/
And I want to download this file as :
http://huntedhunter.com/backups/backup_hunter.zip
so getting the 500 Internal server error on file downloading..!
So if you people can please help me.
As discussed, the issue is with the file permission for backup_hunter.zip
so make sure the file permissions are set accordingly
an example from File Permissions Tutorial
image from the linked tutorial, read the same for more info
I'm getting a very annoying run time error message, which crashes my flash application when it runs in the browser. The error pertains to a 'Security Sandbox Violation' when I attempt to access Youtube's Gdata api. The exact error message reads:
Error: Request for resource at https://gdata.youtube.com/feeds/api/videos?
key=As##2PVR2#lPj#0bVaw_Tvjx1MI6qeAI1gORxErVYDzu2zZy4D18bf8T6pHxsPgIOhs3_44Te
YTVlYLx49goUPbv00udousA&q=The-Muppets-official-trailer&alt=json&max-results=1
by requestor from http://###.com/cws/f/VV.swf is denied due
to lack of policy file permissions.
*** Security Sandbox Violation ***
When I run the SWF locally, everything works fine.
Any ideas?
Thanks.
Edit: I've just added these lines, but still no luck.
Security.loadPolicyFile("http://www.mydomain.com/crossdomain.xml");
Security.loadPolicyFile("https://gdata.youtube.com/crossdomain.xml");
Security.allowDomain("https://gdata.youtube.com");
Security.allowDomain("gdata.youtube.com");
You need to specify a crossdomain.xml policy-file according to Adobe Flash security rules.
1) Place the crossdomain.xml at the root directory of your website
2) Example content (not recommended)
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
3) Load the policy-file into your project (AS3):
System.security.loadPolicyFile("http://www.DOMAIN.net/crossdomain.xml");
Read the reference document for further information.