I have a simple IRC socket that is used to communicate with servers for a web-based IRC client. Unfortunately, attempting to connect to a network results in a security error. I read up on sandboxes and their appropriate permissions, and then used Security.sandboxType to get the sandbox of my socket, which came up as remote. After reviewing the documentation, I still don't fully understand how I can enable my socket to connect to a remote IRC server. I tried Security.allowDomain, but that didn't do anything. What else is there?
Well the error is simply because you are directly trying to connect to IRC. You will need to use some sort of proxy server to get your request through.
Read about Adobe's security policy. I asked a similar question on SO just a day back..
For connecting to IRC, perhaps the following could help:
Flash does not allow you to connect to servers that are outside the so-called sandbox of your Flash application. You are of course able to extend that sandbox by using Security.loadPolicyFile...(link)
Related
I am writing an action script 3.0 client that has to communicate with a remote server. In localhost environment everything works fine, but if I test the client in the real internet environment there is no connection.
My guess is that it has to do with the cross domain policy file, but calling
Security.loadPolicyFile("xmlsocket://"+targetIP);
does not send the <policy file request\> message to the server on the default 843 port, or any port for that matter. I think it might be because flash recognises that the address is local and omits the request. But I need to receive it to be able to implement the answer on the server. Otherwise I'd be coding blindly.
Is there a way to force the flash client to behave as if it was in a different domain while still being in localhost so I can troubleshoot this issue without involving a remote host? I don't have many resources in that regard.
Try running the client on 'localhost', and load the policy file from '127.0.0.1'.
They should be seen as different 'domains'.
I have this project for my classes i'm currently workin' on. here it is:
WebPage client for Telnet not on standard ports, with ability to choose a port and connect
I have machines with telnet servers on them, just waiting for connection.
So my idea was to set up a nodeJS with express server on a dedicated machine. This would handle connections through telnet and host a page for clients, that would use socket.io to exchange information with server side.
But as i'm new to such technologies (telecommunications student) i wonder if it is possible. I spotted something like this - jsterm.com by Peter Nitsch, but i see there are some massive gaps in code and the demo does not really work so i don't know if it actually works. Did anyone try this?
My other problem is - when i send information to nodeJS server through websockets, which seems achievable for me, what do i do with this information? Do i just set up another websocket to pass the same data i got from client websocket directly to the telnet port?
Can sockets connect directly to specific port, without any websocket waiting on the other side?
If my idea is wrong, could anyone help me - maybe there exists some nice solution - i was thinking about Anyterm for example but i see that it requires an apache server and runs completely different technologies...
Just to be clear, WebSocket connections are not raw TCP socket connections. They have extra header information in each packet, browser to server data is masked using a running XOR, etc.
In order for the browser to communicate with a normal TCP server (e.g. a telnet server) you will need some sort of bridge service. It just so happens that such a thing already exists. websockify is a server that accepts WebSocket connections and bridges them to a raw TCP server.
In fact, the websockify project already includes a working telnet client as an example application. However, note that one limitation of websockify (for security reasons) is that the client cannot pick an arbitrary server address/port to connect to. The target address(es) must be predefined, either as a single target specified on the command line for websockify, or as multiple targets specified in a configuration file (and selected via a token in the WebSocket connect string).
There are multiple implementations of websockify in different languages (python, C, node, ruby, Clojure) however, only the python version currently supports multiple targets via a configuration file.
Disclaimer: I created websockify.
I'm looking for a way to connect from flash to an IRC server.
The common solution was to use a tunneling service which uses comet/websockets like:
pusher.com
tech.kaazing.com/documentation/dragonfire/howto-irc.html
www.lightstreamer.com
However, since this product is meant for flash, can I connect directly to the irc server instead of going through the tunneling service in the middle?
One proof of concept that i found was lightirc, but they doesn't make it clear if they serve as a long-polling proxy in the middle or the client connects directly to the irc server. The only thing they mention is that I should put crossdomain.xml on the irc server side to bypass the flash security setting, but does it means the client connects to it directly?
Any idea if
Since our shared hosting server doesn't allow us to setup Tomcat I decided to install it on our local machine. The local Tomcat server allows us to listen to a certain port for Bancnet transactions which will then be processed and written to the remote site.
Question:
Is it safe for me to set the local PHP application to connect directly to the remote mySQL server? Any suggestions on how to make the connection secure. BTW, I have a self-signed certificate installed in the localhost but not sure how this applies to remote mySQL connection.
You could create a ssh tunnel between MySQL server and client. For more resiliency, use autossh.
If you don't connect over SSL or some other encrypted tunnel, I would absolutely assume that anything you send or receive from MySQL is done so in clear text that can be intercepted and used for malicious purposes from any link along the way. This might be fine for testing purposes with dummy data, but before you put this in production use or pull down live user data for testing, you really should either make arrangements for the data to be stored local to the web app or for there to be an encrypted connection.
Giving you a full overview of how to set up SSL connections to MySQL is beyond the scope of Stack Overflow and it's a bit complicated, but if you want to proceed, check out the documentation and do some research, there are some good informational resources out there.
I'm a bit confused as to the architecture you are trying to describe. What's running where?
If you can't install Tomcat then you probably won't be able to install anything like VPN software on the box.
MySQL can encrypt using SSL provided it has been enabled at compile time and at run time.
Alternatively, it should be fairly trivial to build a webservices tier on top of the remote database.
I would recommend switching to a VPS or managed host though.
I create a Flex application that works with a browser using a database with the MySQL server that I can create, modify and delete data from a database.
The problem I encounter now is that I want to see my program with Adobe AIR (virtual machine). At the display that does not pose a problem. The problem is that air can not reach the database server is located in the MySQ. the error message displayed is as follows:
"Error : client.Error.MessageSend - Channel.connect.failed error NetConnection.Call.Failled : HTTP: Status 404:url:'http://xxx.swf/xxx/messagebroker/amf' - Send failed"
Thank you kindly explain to me why I obtain this error? and why do I get to work with the browser but not with AIR? and do work well with AIR application "Client - Server"?
I await your answers or comments with pleasure
It would be best to have some service on the server-side to serve as a facade to database operations. Thus:
you will work with a limited interface from your flex client
you won't need to store DB credentials on the client (this is security flaw - anyone can connect to your database and drop anything)
you won't need special firewall permissions (or mysql port configurations) for your clients - most servers don't allow external parties to connect to port 3306
You can use BlazeDS for that, or you can create your own solution, if the case is simple enough (I actually didn't like the way BlazeDS handles stuff when I had to make this choice a while ago)
The exception you are getting is actually in the AMF broker messaging rather than any of the other technologies. Check whether the URL shown in the message really returns 404.
If you are getting a 404 error then your BlazeDS servlet is not running. Make sure you didn't get any errors when you started Tomcat.