This content has been marked as final. Show 7 replies
This file goes in the"root of the web server". Now tis is not very helpful so here are some examples:
Flex 1.5 "integrated Jrun" default installation
C:\Program Files\Apache Software Foundation\Tomcat 5.0\webapps
If in doubt, put one everywhere until it works, then take them out until it breaks.
Use the universal permission until you get it working:
<allow-access-from domain="*" to-ports="*" secure="true" />
I 've placed the crossdomain.xml file with universal permissions on to my web server. I can even access the same from the http://server:port/crossdomain.xml URL. However my flex application still fails to connect and retrieve data from the internet.
What URL are you trying to access? Is it your own server or someone else's server? If it's somebody else's server, then the owner of that server has to put a crossdomain file on his server to allow access. You can't do anything to fix it yourself.
Yes , I am trying to access another server (basically a feed URL) from the internet. The point is that if I run my application inside flex builder it can access internet and what you refer to as someone else's server. But after deploying the same on another application server(which happens to be an 0C4J server) the application is not able to access the internet.
Running your app locally (eg. inside Flex Builder) and running your app from the network have different security policies. It's a little complicated, but suffice it to say, if you want to run your app from the network and have it access a third-party website, that website must provide a crossdomain file that permits the access.
>>Running your app locally (eg. inside Flex Builder) and running your app from the network have different security policies.
Why is that so? I dont think adobe or any vendor would do something of this sort. In that sense nobody can test his/her application after deploying it locally on a test server, because no crossdomain.xml file in the world would know about their test server name.
This article sums it up quite nicely:
And the actual domain name of a test server is not usually relevant. Most public websites with a crossdomain file allow access from anywhere. Check out flickr's: