Copy link to clipboard
Copied
Hi,
This is my first entry in this forum but I already found a lot of answers by browsing it. However, altough many references seem to solve the problem I'm hurting on, it doesn't seem to work for me...
Now, here's the case:
I made a flash web site that will be hosted on an external web server (let's call it server «www.external.com»).
My flash needs to get some info from my internal server (let's call it «www.internal.com»).
On «www.internal.com», I don't have access to the root, only to the folder «myfolder» so my website reads like this: «www.internal.com/myfolder».
Being aware of some sandbox security issues, I made a crossdomain.xml file and uploaded it to «www.internal.com/myfolder/crossdomain.xml» to provide acces to «www.internal.com/myfolder» from «www.external.com» wich is the following:
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.external.com" />
<allow-http-request-headers-from domain="www.external.com" headers="*"/>
</cross-domain-policy>
In my flash, there is the code i use to retrieve my info:
Security.loadPolicyFile("http://www.internal.com/myfolder/crossdomain.xml");
var myData:URLRequest = new URLRequest("http://www.internal.com/myfolder/myapp/datarequest.cfm");
var loader:URLLoader = new URLLoader();
loader.load(myData);
That's where I get the raging error #2048 in an error #2044 telling me this (excuse the french, my player and I use this language):
Error #2044: securityError non pris en charge : text=Error #2048: Violation de la sécurité Sandbox : http://www.external.com/flashapp.swf ne peut pas charger de données à partir de http://www.internal.com/myfolder/myapp/datarequest.cfm.
According to what I saw and read, loading a policy file should allow me to access info. Once I read that the crossdomain.xml file absolutely had to be on the root of the web server, unfortunately, I don't have access to the root.
There surely is something wrong with what I am doing, anyone has a thought?
Thanks in advance and sorry for the long message...
Copy link to clipboard
Copied
just a guess here - it looks mainly as though you are on the right track, and you are correct if you so not have access to the root, then you must target the crossdomain.xml location as you have specified.
the one thing i don't see that you have listed here is a call to:
Security.allowDomain("www.external.com");
which *might* be the issue