0 Replies Latest reply on Jun 5, 2013 5:18 AM by jeanbernardgariepy

    URLRequest with crossdomain behind firewall gets 2044/2048 Sandbox violation

    jeanbernardgariepy

      Hi!

      We have an app running over HTTP on server "S", behind a firewall "F" and requesting an XML file through HTTPS to server "X" (through the firewall).

      We've set up the crossdomain policy files on "X" as follows:
      https://domain_X/crossdomain.xml

      <cross-domain-policy>
          <site-control permitted-cross-domain-policies="all" />
      </cross-domain-policy>
      

      https://domain_X/crossdomain_for_firewall_F.xml

      <cross-domain-policy>
          <allow-access-from domain="ip.of.firewall.F" secure="false" />
          <allow-http-request-headers-from domain="ip.of.firewall.F" headers="*" secure="false" />
      </cross-domain-policy>
      

      secure="false" because the request comes from a non-HTTPS page.

      The URL we're trying is accessible without any problem outside of flash using its URL:
      https://domain_X/some_folder/file.xml

      In our Flash source code we call

      Security.loadPolicyFile("https://domain_X/crossdomain_for_firewall_F.xml");
      

      and it seems to be loaded properly as reported by Fiddler2

      Then we use the URLRequest to get the XML file as follows:

      // The URL must be passed as a String literal
      var request : URLRequest = new URLRequest ("https://domain_X/some_folder/file.xml");
      request.method = URLRequestMethod.GET;
      var loader : URLLoader = new URLLoader ();
      // getfeatureinfo_result is the handler called once the XML has loaded
      loader.addEventListener( Event.COMPLETE, getfeatureinfo_result );
      loader.load ( request );
      


      All of this works fine when running under Flash Builder, as it doesn't request the crossdomain policy file. But when it gets published on our test server, we get the 2044/2048 Sandbox violation error.

       

      We use IE8

       

      I really don't know where to look next to find a solution. I guess it has something to do with the firewall?

      Any suggestion would be greatly appreciated.

       

      Update:

       

      Changing <allow-http-request-headers-from domain="ip.of.firewall.F"

      and allow-access-from domain="ip.of.firewall.F"

      with domain="*" temporarily solved the problem...

       

      What I understand is that Flash will look at the crossdomain file in the context of the server where the client app is hosted, which makes sense. But in our case, the XML file we are trying to reach is outside of our intranet and our network privacy policies forbid us from publishing internal IP addresses to the outside world. That means we cannot put the server_S IP address in the crossdomain file that sits on the server_X.

       

      It seems that there is no workaround for this issue... we leave domain="*" or we put in our intranet's server IP address

       

      Message was edited by: jeanbernardgariepy
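
A simplified model of how Flash Player matches a SWF's origin against `allow-access-from` entries, added here as an example and not part of the original post. The host name `server-s.intranet.example` is a hypothetical stand-in for server "S", and the policies are constructed copies of the ones quoted above; the `audit` helper lists the broad grants that a `domain="*"` policy leaves in place.

```python
# Added example: simplified model of allow-access-from matching, not Adobe's code.
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample policies mirroring the ones in the post.
POLICY_FIREWALL_IP = """<cross-domain-policy>
  <allow-access-from domain="ip.of.firewall.F" secure="false" />
</cross-domain-policy>"""
POLICY_WILDCARD = """<cross-domain-policy>
  <allow-access-from domain="*" secure="false" />
</cross-domain-policy>"""

def domain_matches(pattern, host):
    """'*' matches any host; '*.suffix' matches hosts ending in '.suffix'; else exact."""
    pattern, host = pattern.lower(), host.lower()
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])
    return pattern == host  # IPs and names are compared literally, no DNS lookup

def grants_access(policy_xml, swf_url, policy_over_https=True):
    """True if a SWF loaded from swf_url is allowed by the policy."""
    swf = urlparse(swf_url)
    for rule in ET.fromstring(policy_xml).iter("allow-access-from"):
        if not domain_matches(rule.get("domain", ""), swf.hostname or ""):
            continue
        # For an HTTPS-served policy, secure defaults to true: HTTPS SWFs only.
        secure = rule.get("secure", "true").lower() != "false"
        if policy_over_https and secure and swf.scheme != "https":
            continue
        return True
    return False

def audit(policy_xml):
    """Return findings for overly broad grants in a policy file."""
    findings = []
    for el in ET.fromstring(policy_xml).iter():
        if el.tag.startswith("allow-") and el.get("domain") == "*":
            findings.append(f"{el.tag}: domain='*' grants every origin")
        if el.get("secure", "").lower() == "false":
            findings.append(f"{el.tag}: secure='false' admits non-HTTPS SWFs")
        if el.get("headers") == "*":
            findings.append(f"{el.tag}: headers='*' allows any request header")
    return findings
```

The match is made against the host in the SWF's own URL, which is why an entry naming the firewall does not cover an app served from server "S".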