0 Replies Latest reply on Oct 10, 2008 3:29 PM by greenx

    Problem fetching policy-file-request

    greenx
      According to http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_print.html

      quote:

      * A SWF file may no longer make a socket connection to its own domain without a socket policy file. Prior to version 9,0,115,0, a SWF file was permitted to make socket connections to ports 1024 or greater in its own domain without a policy file.
      * HTTP policy files may no longer be used to authorize socket connections. Prior to version 9,0,115,0, an HTTP policy file, served from the master location of /crossdomain.xml on port 80, could be used to authorize a socket connection to any port 1024 or greater on the same host.


      So with the tighter security measures, a policy file has to be fetched on port 843 or on the same port on which a connection is desired. That leads to another problem. The policy file request made by the player has a simple format: clear text <policy-file-request/> is sent as raw data bytes on the ports.

      As most firewalls block such raw data traffic (of unknown protocols) on all the ports, this means that the policy file fetch will fail almost always if the user is behind any firewall.

      This will render all SWFs, that do not use well known ports, unusable. Does anyone know what is the solution to this problem? Or am I missing something here?