I need to host my full-Flash SWF site on "xx.com" server. But all graphics and sounds have to be loaded off "yy.com" server.
Inside my AS3 code, all data is loaded by absolute addresses, e.g:
http://yy.com/file1.jpg
http://yy.com/file2.jpg
If I run the swf locally, either from within the Flash authoring tool, or a local .html file, or by double-clicking the swf, it works fine. All data is downloaded from "yy.com" and the site displayed properly.
It WON'T work if I upload the swf on "xx.com" and load it off there.
I have created the following crossdomain.xml file
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" />
</cross-domain-policy>
and uploaded at
http://yy.com/crossdomain.xml
The result is quite strange : it seems to start loading 1-2 images off "yy.com", but then it halts. This behaviour happens with or without the crossdomain.xml file.
Is what I am trying to do achievable in some way? My problem is that xx.com has very limited space so I can upload the swf and/or the html on it, but not the actual data (which is lots of MBs).
try using this as your crossdomain.xml file. This is the one I use and it has always worked for me. It has that extra allow-http-request-headers-from node
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
Make sure you set allow all inside your swf's
Security.allowDomain("*");
The solution was to add a LoaderContext to the load function of the Loader objects, like this :
context = new LoaderContext(true);
loader.load( new URLRequest(name), context );
Only then was the crossdomain.xml file checked.
Related
I am writing an AS3 application which requires downloading xml file from external server.I am trying to connect to the external server (while testing from my local machine) to load the file however The URLLoader is unable to load it and showing "Error opening URL ". However when I put the exact url in browser, the xml file is loaded properly. The server uses https.
Following are the code/settings I am using
Security.allowDomain("*");
Security.allowInsecureDomain("*");
xmlfile = new URLLoader(new URLRequest("<fullurl>"));
The eventlistener are set properly for the loader, and have been tested locally.
I am using FlashIDE and the publish setting is set to "Access Network Only".
The server which is being connected to serves the crossdomain.xml in the root directory and contains the followings.
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" secure="true"/>
</cross-domain-policy>
I am unable to understand what is missing in my code/settings to make it work, after searching for very long time.
I have tried to connect to other server using URLRequest and it seems to be working. For example following line doesn't show the earlier mentioned error
xmlfile = new URLLoader(new URLRequest("https://www.google.com"));
I am creating a flash project where I load data from server. When I run that from flash software using Ctrl+Enter or create exe then that works but when I run swf normally or using a browser then it is not working.
I tried to add this code but not working
Security.loadPolicyFile("policy.xml");
or
Security.allowDomain("192.168.10.8");
Security.allowDomain("www.example.com");
My policy.xml is
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="www.example.com" />
<allow-access-from domain="192.168.10.8" />
</cross-domain-policy>
Please advice me.
I had a similar problem. Flash will initially try to get the flash policy from a different port (843). See this:
http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html
Why not try use URLlaoder? and set up a web with service call.
http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/URLLoader.html
I suggest to try LoaderContext class. Here is example code:
Security.allowDomain("*");
Security.allowInsecureDomain("*");
var loader:URLLoader = new URLLoader();
loader.contentLoaderInfo.addEventListener(Event.COMPLETE, onDataLoaded);
loader.load(new URLRequest("http://www.example.com/json_file_path.json"), new LoaderContext(true));
I have an application which upload/download files to/from box.net. the application works fine when not deployed on server but when I deploy it on Google App Engine the following error is encountered.
Error #2044: Unhandled securityError:. text=Error #2048: Security
sandbox violation: http://somexyz.appspot.com/xyzsample.swf cannot
load data from http://box.net/api/1.0/download/abcdef/123456.
I have included the below lines of code in as3
Security.allowDomain("*");
and placed crossdomain.xml in app root folder (Google App Engine) and can access the file using somexyz.appspot.com/crossdomain.xml
crossdomain.xml contains the below lines
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
<allow-http-request-headers-from domain="*"/>
</cross-domain-policy>
I am also getting the same issue when I tried using tomcat.
If you are loading from box.net, you need to check the http://box.net/crossdomain.xml
and there you can read following:
<!--
Box has recently changed its crossdomain policy for API calls made from Flash.
To continue using Box API, please add the following line to the code of your Flash
application:
- AS2: System.security.loadPolicyFile("http://www.box.net/api/crossdomain.xml");
- AS3: Security.loadPolicyFile("http://www.box.net/api/crossdomain.xml");
-->
UPDATE
Please be sure that you are adding it corectly:
Security.loadPolicyFile("http://www.box.net/api/crossdomain.xml")
And when loading:
*.load('http://www.box.net/api/1.0/download/abcdef/123456');
so that the path to the server would be the same: http://www.box.net/
For flash the http://www.box.net/ and http://box.net/ are 2 different domain names.
I have a flex 3 app that is attempting to load images from Amazon S3. The images fail to load, so I fired up debug mode. In debug mode, the images load, but I also get the following output in the debugger:
*** Security Sandbox Violation ***
SecurityDomain 'http://something.s3.amazonaws.com/logos/mylogo.png' tried to access incompatible context 'http://localhost/myapp/bin-debug/index.html?debug=true'
I have added a crossdomain.xml file into the root of my bucket as follows, but this does not seem to help:
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" />
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" />
</cross-domain-policy>
Am I missing something obvious here?
Maybe problem in site authorization. When I visited your url I got "Access Denied". It works for one env but not for other.
Your don't need crossdomain.xml for just displaying images in your way with image.source, so problem not in Flash Player security.
You trace says that image is loaded but it can't access parent sandbox. It doesn't help to debug problem. Try to use ServiceCapture or Firebug or Charles to define of what actually being loaded to Flash Player.
I need to access an ASP.Net2 page from Action Script 3.0 and I wrote the code in .fla file that access the asp.net page but there is a problem in the accessing it reports to me the following error :
Error opening URL 'http://localhost/Trial/Default.aspx'
Error #2044: Unhandled ioError:. text=Error #2032: Stream Error. URL: http://localhost/Trial/Default.aspx
at Script1/sendSQLXML()
at Script1$iinit()
and after searching I found that it is a problem related to Cross Domain policy so I created an XML file called Crossdomain.xml with the following code:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>
and i don't know how to use it from ACS3 and where to put it
Note: i run the Asp.Net2 page in the IIS
Look into the loadPolicyFile(..) method: http://livedocs.adobe.com/flex/3/langref/flash/system/Security.html#loadPolicyFile()
IF you're working localy (http://localhost/Tri...), i'm not sure that the problem come from some CrossDomain issues...
Typically the crossdomain file gets placed at the root of the server, if you are running locally you shouldn't be having crossdomain issues, but you might want to try placing it in c:\inetput\wwwroot\ and see if that addresses your issue.
crossdomain.xml gets put at the root of the server you are trying to access. that's the default location such that you won't need to call Security.loadPolicyFile()