I need to access an ASP.Net2 page from Action Script 3.0 and I wrote the code in .fla file that access the asp.net page but there is a problem in the accessing it reports to me the following error :
Error opening URL 'http://localhost/Trial/Default.aspx'
Error #2044: Unhandled ioError:. text=Error #2032: Stream Error. URL: http://localhost/Trial/Default.aspx
at Script1/sendSQLXML()
at Script1$iinit()
and after searching I found that it is a problem related to Cross Domain policy so I created an XML file called Crossdomain.xml with the following code:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>
and i don't know how to use it from ACS3 and where to put it
Note: i run the Asp.Net2 page in the IIS
Look into the loadPolicyFile(..) method: http://livedocs.adobe.com/flex/3/langref/flash/system/Security.html#loadPolicyFile()
IF you're working localy (http://localhost/Tri...), i'm not sure that the problem come from some CrossDomain issues...
Typically the crossdomain file gets placed at the root of the server, if you are running locally you shouldn't be having crossdomain issues, but you might want to try placing it in c:\inetput\wwwroot\ and see if that addresses your issue.
crossdomain.xml gets put at the root of the server you are trying to access. that's the default location such that you won't need to call Security.loadPolicyFile()
Related
This was working fine the last time I tried it a few days ago, but I am getting a strange error now. I have Xamp running with this file in htdocs call YAM.xml:
<?xml version="1.0" encoding="utf-8"?>
<VAST version="2.0">
<Ad id="TEST">
<InLine>
<AdSystem version="3.1">Test</AdSystem>
<AdTitle>JVAM Test</AdTitle>
<Impression></Impression>
<Creatives>
<Creative sequence="1">
<Linear>
<Duration>00:00:15</Duration>
<MediaFiles>
<MediaFile delivery="progressive" width="640" height="480" scalable="1" type="video/mp4">
<![CDATA[http://127.0.0.1/YAM.swf?someVar=123344&vastUrl=http://127.0.0.1/Yashi200_15sec.mp4&vastUrl=http%3A%2F%2Fad4.liverail.com%2F%3FLR_PUBLISHER_ID%3D1331%26LR_SCHEMA%3Dvast2-vpaid&domainName=developers.google.com&fallbackVastUrl=http%3A%2F%2Fad4.liverail.com%2F%3FLR_PUBLISHER_ID%3D1331%26LR_SCHEMA%3Dvast2]]>
</MediaFile>
</MediaFiles>
<VideoClicks>
<VideoClick>
<ClickThrough>
<![CDATA[http://www.cats.com]]>
</ClickThrough>
</VideoClick>
</VideoClicks>
</Linear>
</Creative>
</Creatives>
</InLine>
</Ad>
</VAST>
Also, my crossdomain.xml looks like this:
<?xml version="1.0" ?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
I'm entering the path to this VAST xml (http://127.0.0.1/YAM.xml) into a VAST validator in the browser like the one here: http://zutils.zedo.com/vastvalidator/
For some reason when I try test the ad it gives this error:
* Security Sandbox Violation * Connection to tmp/ Warning: file_get_contents(http://127.0.0.1/YAM.xml): failed
to open stream: HTTP request failed! HTTP/1.0 500 Internal Server
Error in
/home/adwww/apache/htdocs/adwww/vastvalidator/createxmlfile.php
on line 3 zedoxml144583131.xml halted - not permitted
from
http://zutils.zedo.com/vastvalidator/ova.jwplayer.5x/dist/swf/5.9.swf
Error #2044: Unhandled error:. text=Task Queue failed at step 0: Error
2048: Security sandbox violation: http://zutils.zedo.com/vastvalidator/ova.jwplayer.5x/dist/swf/5.9.swf
cannot load data from tmp/ Warning:
file_get_contents(http://127.0.0.1/YAM.xml): failed to open stream:
HTTP request failed! HTTP/1.0 500 Internal Server Error in
/home/adwww/apache/htdocs/adwww/vastvalidator/createxmlfile.php
on line 3 zedoxml144583131.xml.
The local server is running, and if I put http://127.0.0.1/YAM.xml into my address bar I see the xml file.
I have been banging my head against the wall for a few days so if someone sees the problem please help. thanks.
127.0.0.1 is localhost, the server cannot reach you (your file) through that IP.
I got this error message when trying to load a game from the browser:
*** Security Sandbox Violation ***
SecurityDomain 'https://playerio.s3.amazonaws.com/competitions/ega2012/swf/Nhm-JFy6dEyuemmaE59BSQ.swf?AWSAccessKeyId=1Q3ETXSFA8S2F2TSA9R2&Expires=1361787227&Signature=TBCVKQDGlxthLj2YhoumxTxUGOo%3D' tried to access incompatible context 'http://cdn.playerio.com/rts-tvkyczvzk5uwqv8z12rw/Game2build29.swf'
SecurityError: Error #2121: Security sandbox violation: LoaderInfo.content: https://playerio.s3.amazonaws.com/competitions/ega2012/swf/Nhm-JFy6dEyuemmaE59BSQ.swf?AWSAccessKeyId=1Q3ETXSFA8S2F2TSA9R2&Expires=1361787227&Signature=TBCVKQDGlxthLj2YhoumxTxUGOo%3D cannot access http://cdn.playerio.com/rts-tvkyczvzk5uwqv8z12rw/Game2build29.swf. This may be worked around by calling Security.allowDomain.
at flash.display::LoaderInfo/get content()
at Loader3_fla::MainTimeline/onCompleteHandler()[Loader3_fla.MainTimeline::frame1:86]
It says you can workaround this error by using Security.allowDomain(), but I am not sure which domain to allow!
You should put crossdomain.xml in your project folder, in which you can allow all domains or some specific domains from which your application is fetching data.
<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
above is for all domains, if you want to allow some specific domains :
<allow-access-from domain="www.mysite.com" />
<allow-access-from domain="mysite.com" />
I have an application which upload/download files to/from box.net. the application works fine when not deployed on server but when I deploy it on Google App Engine the following error is encountered.
Error #2044: Unhandled securityError:. text=Error #2048: Security
sandbox violation: http://somexyz.appspot.com/xyzsample.swf cannot
load data from http://box.net/api/1.0/download/abcdef/123456.
I have included the below lines of code in as3
Security.allowDomain("*");
and placed crossdomain.xml in app root folder (Google App Engine) and can access the file using somexyz.appspot.com/crossdomain.xml
crossdomain.xml contains the below lines
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
<allow-http-request-headers-from domain="*"/>
</cross-domain-policy>
I am also getting the same issue when I tried using tomcat.
If you are loading from box.net, you need to check the http://box.net/crossdomain.xml
and there you can read following:
<!--
Box has recently changed its crossdomain policy for API calls made from Flash.
To continue using Box API, please add the following line to the code of your Flash
application:
- AS2: System.security.loadPolicyFile("http://www.box.net/api/crossdomain.xml");
- AS3: Security.loadPolicyFile("http://www.box.net/api/crossdomain.xml");
-->
UPDATE
Please be sure that you are adding it corectly:
Security.loadPolicyFile("http://www.box.net/api/crossdomain.xml")
And when loading:
*.load('http://www.box.net/api/1.0/download/abcdef/123456');
so that the path to the server would be the same: http://www.box.net/
For flash the http://www.box.net/ and http://box.net/ are 2 different domain names.
I need to host my full-Flash SWF site on "xx.com" server. But all graphics and sounds have to be loaded off "yy.com" server.
Inside my AS3 code, all data is loaded by absolute addresses, e.g:
http://yy.com/file1.jpg
http://yy.com/file2.jpg
If I run the swf locally, either from within the Flash authoring tool, or a local .html file, or by double-clicking the swf, it works fine. All data is downloaded from "yy.com" and the site displayed properly.
It WON'T work if I upload the swf on "xx.com" and load it off there.
I have created the following crossdomain.xml file
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" />
</cross-domain-policy>
and uploaded at
http://yy.com/crossdomain.xml
The result is quite strange : it seems to start loading 1-2 images off "yy.com", but then it halts. This behaviour happens with or without the crossdomain.xml file.
Is what I am trying to do achievable in some way? My problem is that xx.com has very limited space so I can upload the swf and/or the html on it, but not the actual data (which is lots of MBs).
try using this as your crossdomain.xml file. This is the one I use and it has always worked for me. It has that extra allow-http-request-headers-from node
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
Make sure you set allow all inside your swf's
Security.allowDomain("*");
The solution was to add a LoaderContext to the load function of the Loader objects, like this :
context = new LoaderContext(true);
loader.load( new URLRequest(name), context );
Only then was the crossdomain.xml file checked.
I have a flex 3 app that is attempting to load images from Amazon S3. The images fail to load, so I fired up debug mode. In debug mode, the images load, but I also get the following output in the debugger:
*** Security Sandbox Violation ***
SecurityDomain 'http://something.s3.amazonaws.com/logos/mylogo.png' tried to access incompatible context 'http://localhost/myapp/bin-debug/index.html?debug=true'
I have added a crossdomain.xml file into the root of my bucket as follows, but this does not seem to help:
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" />
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" />
</cross-domain-policy>
Am I missing something obvious here?
Maybe problem in site authorization. When I visited your url I got "Access Denied". It works for one env but not for other.
Your don't need crossdomain.xml for just displaying images in your way with image.source, so problem not in Flash Player security.
You trace says that image is loaded but it can't access parent sandbox. It doesn't help to debug problem. Try to use ServiceCapture or Firebug or Charles to define of what actually being loaded to Flash Player.