cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0
Upvote

URLRequest with crossdomain behind firewall gets 2044/2048 Sandbox violation

Guest
Jun 03, 2013 Jun 03, 2013

Copy link to clipboard

Copied

Hi!

We have an app running over HTTP on server "S", behind a firewall "F" and requesting an XML file through HTTPS to server "X" (through the firewall).

We've setup the crossdomain policy files on "X" as follow :
https://domain_X/crossdomain.xml

<cross-domain-policy>
    <site-control permitted-cross-domain-policies="all" />
</cross-domain-policy>

https://domain_X/crossdomain_for_firewall_F.xml

<cross-domain-policy>
    <allow-access-from domain="ip.of.firewall.F" secure="false" />
    <allow-http-request-headers-from domain="ip.of.firewall.F" headers="*" secure="false" />
</cross-domain-policy>

secure="false" because the request comes from a non HTTPS page.

The URL we're trying is accessible without any problem outside of flash using its URL:
https://domain_X/some_folder/file.xml

In our flash souce code we call 

Security.loadPolicyFile(https://domain_X/crossdomain_for_firewall_F.xml)

and it seems to be loaded properly as reported by Fiddler2

Then we use the URLRequest to get the xmlfile as follow:

var request : URLRequest = new URLRequest (https://domain_X/some_folder/file.xml);
request.method = URLRequestMethod.GET;
var loader : URLLoader = new URLLoader ();
loader.addEventListener( Event.COMPLETE, getfeatureinfo_result )
loader.load ( request );


All of this works fine when running under flashbuilder as it doesn't request the crossdomain policy file. But when it get published on our test server, we get the 2044/2048 Sandbox violation error.

We use IE8

I really don't know where to look next to find a solution. I guess it has something to do with the firewall?

Any suggestion would be greatly appreciated.

Update:

Changing <allow-http-request-headers-from domain="ip.of.firewall.F"

and allow-access-from domain="ip.of.firewall.F"

with domain="*" temporarely solved the problem...

What I understand is that Flash will look at the crossdomain file in the context of the server where the client app is hosted, wich makes sense. But in our case, the XML file we are trying to reach is outside of our intranet and our network privacy policies forbid us from publishing internal IP adresses to the outside world. That means we cannot put the server_S ip adress in the crossdomain file that sits on the server_X.

It seems that there is no workaround this issue... we leave domain="*" or we put in our intranet's server ip adresse

Message was edited by: jeanbernardgariepy

Views

1.1K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices