I'm trying to port an existing web app (ActionScript 3 only project) to AIR, to run as a standalone application. One of its features is opening urls in a browser window. But calling navigateToURL(new URLRequest(url)) throws this SecurityError:
SecurityError: Error #2193: Security
sandbox violation: navigateToURL:
app:/AIRDigE.swf cannot access
http://www.youtube.com/watch?v=xCPwAr0xnGE.
at global/flash.net::navigateToURL()
when run from Flash Builder 4.
Googling doesn't really help me with this specific error number.
Adobe's reference on Security Sandboxes states that any AIR application running with Security.sandboxType==Security.APPLICATION (which my application uses) should be able to connect to any domain, but apparently that doesn't count for me.
Any ideas?
Thanks, Frank
Sorry folks, this morning I found the answer myself: the url that I passed into the URLRequest had a space in front of it (it was loaded from an xml feed that is evidently producing faulty urls).
So it seems that a url with an invalid protocol causes that error, and putting a trim() around the url fixed it.
I was getting this error because of using double backward slashes in the web link like "http:\\www.youtube.com"
Where as I supposed to use "http:*//*www.youtube.com"
try using URLRequest with navigateToURL
navigateToURL(new URLRequest("http://www.youtube.com"));
UPDATED:
navigateToURL(new URLRequest("http://www.youtube.com"),"blank");
Related
I am trying to collect crash logs for my WebAssembly application. It's built with emscripten, everything is served from the same domain, testing in Chrome. In the developer console I see a proper error with stack trace when a crash occurs, I'd like to capture this and send it to a server.
Instead I am only getting "Script error." passed to window.onerror() and the fifth parameter is null. This is supposed to happen when violating the same-origin policy (linked question is only about javascript, does not talk about this WebAssembly-specific problem.) Errors occurring in the .js file don't have this problem, only webassembly runtime errors.
I added the crossorigin attribute to the .js file generated by emscripten. The site is running in secure context, the Response object passed to WebAssembly.instantiateStreaming() (in the emscripten-generated .js file) has "basic" as its .type, so as I understand it has no restrictions on what can be done with it. "Access-Control-Allow-Origin" header is set to "*".
For some weird reason I managed to get the full error with stack trace exactly once, so it is apparently possible, but seemingly doing everything the same way I can't get it to work again.
How can this be solved?
instantiateStreaming is promised based so maybe try window.addEventListener('unhandledrejection')?
I'm running an MVC app on Azure. I use the AzureReader2 plugin. It's been working fine for years.
But when this hits missing images, it throws FileNotFoundException exception and this apparently breaks down user authentication, causing user to be redirected to login page.
Is there a way to prevent this? How can I catch and handle this exception for the URL API?
I am considering the Image404 plugin. But I am not sure it works with AzureReader2 plugin (?)
Exception handling would be best for me as I could take some other actions.
Thanks
You can see the Image404 plugin source code on GitHub. There is a Config.Current.Pipeline.ImageMissing event that it handles - you can plug into the same event to do your own logic.
It should work fine with AzureReader2.
Note that most likely your 404 page is set to require authentication, which is why it is redirecting.
I am trying to change webservice implementation I have done over to use HTTPS.
I have been using the as3httpclientlib (https://code.google.com/p/as3httpclientlib/).
When I use a non-ssl endpoint it works as expected.
However when I use an SSL endpoint and version 1.3 as3crypt from the downloads page (https://code.google.com/p/as3crypto/downloads/list) or the included as3crypto-1_3_patched.swc I get the following:
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 12
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
I DONT KNOW HOW TO HANDLE DER stuff of TYPE 22
[Fault] exception, information=TypeError: Error #1009: Cannot access a property or method of a null object reference.
With the traces originating from Line 123 of DER.as
https://code.google.com/p/as3crypto/source/browse/trunk/as3crypto/src/com/hurlant/util/der/DER.as?r=7
and the error from line 225 of X509Certificate.as
https://code.google.com/p/as3crypto/source/browse/trunk/as3crypto/src/com/hurlant/crypto/cert/X509Certificate.as?spec=svn28&r=7
When I use the latest version of as3crypt https://code.google.com/p/as3crypto/source/detail?r=28 I get
[Fault] exception, information=Error: couldn't parse DER stream.
Thrown from line 23 of https://code.google.com/p/as3crypto/source/browse/trunk/as3crypto/src/com/hurlant/util/asn1/type/SetType.as
The webservice I am trying to access is on azurewebsites, so will be using the *.azurewebsites.net certificate.
I am also using the ASC2 compiler, this caused a couple of bugs which I had to fix in the crypto project including changing if (hex.length&1==1) hex="0"+hex; to if ((hex.length&1)==1) hex="0"+hex; which I found posted here com.hurlant.util.hex syntax error on air sdk 3.5
I am starting to think it may be something related to the way SSL is done on Azure websites, since when I strip back the request completely, I still get the same error, however pointing to https://www.google.com, I get no error.
They state on their website:
HTTPS doesn't always work. There are some minor bugs with the
as3crypto library, so for example https at yahoo and yahoo owned
domains (like delicious) don't currently work.
I had a look through the list of issues for as3crypt, and was wondering whether one of these contained a fix: https://code.google.com/p/as3crypto/issues/list
Does anyone know why I am getting these errors (what it is that azure are doing differently with their certificate (could it be the wildcard?)) and how I can fix it? Is there a maintained version of as3crypto that works? Or is there a better way for consuming https webservices from Air mobile apps?
****UPDATE****
I tried using the patched version of as3crypto but still no joy. The following is a copy of my stack trace when it errors. Does seem to be an error parsing the certificate?
I also had a look into changing over to SecureSocket but unfortunately it is not supported on iOS.
http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/SecureSocket.html
AIR profile support: This feature is supported on all desktop
operating systems, but is not supported on all AIR for TV devices. On
mobile devices, it is supported on Android, but not on iOS. You can
test for support at run time using the SecureSocket.isSupported
property.
TO RECREATE:
Make a get request to any https subdomain of azurewebsites.net.
ie the following code will reproduce:
var client:HttpClient = new HttpClient();
client.get(new URI("https://httpstest.azurewebsites.net"));
I have the same issue with DER decoing, and fix from this issue helped me:
http://code.google.com/p/as3crypto/issues/detail?id=39
What about:
Or is there a better way for consuming https webservices from Air mobile apps?
You can try to substitute TLSSocket from as3crypto with Flash native SecureSocket in the as3httpclient, I think it shouldn't be too difficult to do. In my project I tryed to use both SecureSoket and TLSSocket and stood on TLSSocket because SecureSoket requires FP 11 and doesn't work with self-signed certificates that we use on test server, but SecureSoket also works fine and has shown even better performance that TLSSocket. You also can grab already patched version of as3crypto from my github (https://github.com/fsbmain/as3public) :)
If you still have problems, please provide endpoint of your webservice so I'll be able test it.
UPD:
I were able to reproduce your issue and tested certificate parsing with my patched as3crypto lib (it still allows to go deeper through the parsing), I also tested parsing of the same certificate but downloaded with the browser - the same result in both cases (as on your screenshot), so the conclusion is that TLSSocket loads correct and full bytes of certificate but fails to parse it. I tried to fix the parsing but it requires deeper dive into the as3crypto DER format implementation. So I'm afraid the only way to use as3httpclient is to fix DER parsing.
BTW why doesn't standard URLLoader fit you?
The as3crypto.swc file here: http://www.igniterealtime.org/downloads/download-landing.jsp?file=xiff/xiff_3_1_0.zip solved my issue.
as3crypto.swc is inside the libs folder, after extracting.
I'm trying to debug an issue on a clients machine. The problem is that the problem is a runtime error with very little clue as to where it is. It is an intermittent problem. I know ADL allows me to run the application in a debug mode. The problem is that to tell the user to download and manage the ADL invokation is going to be very difficult. It would be a lot easier if I could just give the end user one install/executable to install and run and then send me the trace of the issue. So what I'm looking for is easy steps for the client to be able to run the AIR app in debug mode. Downloading ADL and finding the install location of the app is going to be difficult to manage remotely with the end user.
Update:
You have to make sure you are working with AIR 3.5 and Flash 11.5 and also include the following flag "-swf-version=18" in additional compiler settings. You then have to catch the global error as mentioned in the answer and it will show you the location of the error. No line numbers of course. Just routine names. Thanks a milion to Lee for the awsome answer.
not a direct answer but if you publish for AIR3.5 (or 3.6 beta), you can get some debug info:
add a listener for uncaught RTEs to top level of your app:
this.loaderInfo.uncaughtErrorEvents.addEventListener(UncaughtErrorEvent.UNCAUGHT_ERROR, globalErrorHandler);
and grab debug info from error in listener:
function globalErrorHandler(event:UncaughtErrorEvent):void
{
var message:String;
//check for runtime error
if (event.error is Error)
message = (event.error as Error).getStackTrace();
//handle other errors
else if (event.error is ErrorEvent)
message = (event.error as ErrorEvent).text;
else
message = event.error.toString();
//do something with message (eg display it in textfield)
myTextfield.text = message;
}
getStackTrace will return a stack trace even for release AIR apps (as long as you use AIR3.5 or above).
Without the SDK Tools; I don't think it is possible to run an aIR app in debug mode. But, here are a few alternatives to consider:
The client must have some idea what is going on to cause the error, right? Can you give them a special build with Alert Boxes or logging or something to help isolate the error to a line of code?
Can you listen for the uncaughtException event? The event will give you the full stack trace ( Error.getStackTrace() ); which you could then log--possibly with other information. Then you just have to tell your client to "Go here" and "send me this file." Or even display the info in some Alert and have the user copy and paste it into an email to you. More info on uncaughtException here and here
check my post. Maybe it helps you to get stack trace with line numbers in a AIR release build.
How can I get stacktrace for Adobe AIR global runtime errors in non-debug mode?
I use it in 2 big projects right now and it works very well.
Greetings
I recently encountered a strange thing. On some of my company's servers when an exception message is printed out (yes, bad, I know. It's for debugging), the actual message isn't displayed. Instead it displays the key for an external string resource and says that "Debugging resource strings are unavailable"
After some research I've come up with the following:
In release mode, Silverlight does not package the xap with the dlls containing the actual error messages in order to save space.
I've found workarounds for OLD versions, but nothing for 4. It seems like there are Developer versions of the SL 2 and 3 runtime which will resolve the errors automatically, but I cannot find one for SL 4.
So my question is this:
What the heck do I need to do to my SL 4 app / computer to let me see the full, detailed errors when it's in release mode?
You can download the developer runtime (which contains the full exception strings) from the GetStarted page - http://www.silverlight.net/getstarted/ - search for "Developer Runtimes for Windows and OSX", it's near the bottom of the page.
Though it is too late to reply, it may help somebody else. We have a web application using Silverlight 4, installed in various test environments. This web application consumes more than one WCF services. All but one of the test environment sites consistently failed with message "Debugging Resource strings are unavailable". Agreeably the real exception was swallowed. Being a Silverlight application, there was no logging, and it always appeared that there was something failing in the Silverlight component. I connected the application in my development environment to that particular test environment, and found out that the problem was in fact in one of the WCF services. I fixed the problem at the service end and the SL component stopped having this problem.
Why was the WCF failing?
The WCF service had the following code in the constructor:
public MyService()
{
//Create an instance of Data Lookup service asycnchronously.
if (_dataLookupSrvc == null)
{
try
{
System.Threading.Tasks.Task.Factory.StartNew(() => _dataLookupSrvc = new LookupDataService.LookupDataService());
}
catch (Exception ex)
{
_log.Error<Exception>(ex);
}
}
}
Somebody moved the underlying LookupDataService.dll from the service folder causing the constructor to fail, but not right away. As the LookupDataService instance was created in anonymous method, the exception logging in this method never took place. Once the LookupDataService.dll was dropped in the service folder, the "Debugging Resource strings are unavailable" message went away.
It was a fun wild goose chase!
Have you already checked the event viewer on the machine where the application crashed? Start->Run. eventvwr