Hi - I'm having a problem with cross domain scripting. I've
got an admin interface at www.admin.mydomain.com and it's trying to
access a shim movie at www.mydomain.com. I've tried all possible
permutations of crossdomain.xml and system.security.allowdomain.
The swfs were authored in flash8 but I've just switched to flash10
and am publishing them for flash10 - the error messages when
debugging are more complete. I'm using actionscript 2.
I've had to put the crossdomain.xml on the root of the server
and on the root of the subdomain (with
permitted-cross-domain-policies = "all") otherwise the admin swf
complains when the root crossdomain.xml tries to access it. I'm
explicitly calling system.security.loadpolicyfile in both movies.
I've tried setting system.security.allowdomain(_parent._url) in the
shim movie and system.security.allowdomain(_shim_mc._url) in the
admin swf (which is in the subdomain). This removed all of the
sandbox error messages (eg
*** Security Sandbox Violation ***
tried to access incompatible context '
that I was getting when the shim loaded into the admin but
whenever cross scripting occurs I get the same error messages. I
don't believe it should be necessary to call
system.security.allowdomain every time I cross-script, at least
I've never read that anywhere and I've read a fair amount of
tutorials, helpfiles, whitepapers etc to try and understand what is
happening. Maybe I'm wrong - can anyone help? Below is my