0 Replies Latest reply on Mar 21, 2008 10:51 AM by w33dMaNP0L3R

    Picasaweb feed security problem


      Have any of you guys encountered a problem retreiving data from a cross domain source like Picasaweb?

      Here is the error log I get from the Flash player debug?

      Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://DOMAIN/index.swf cannot load data from http://picasaweb.google.com/data/feed/api/user/USER?kind=album&alt=rss&hl=en_US.
      at index_fla::MainTimeline/frame1()

      HEre is the LOg from the policy file:

      Warning: Domain picasaweb.google.com does not explicitly specify a meta-policy, but Content-Type of policy file http://picasaweb.google.com/crossdomain.xml is 'text/x-cross-domain-policy'. Applying meta-policy 'by-content-type'.
      OK: Policy file accepted: http://picasaweb.google.com/crossdomain.xml
      Error: Request for resource at http://picasaweb.google.com/data/feed/api/user/USER?kind=album&alt=rss&hl=en_US by requestor from http://DOMAIN/index.swf is denied due to lack of policy file permissions.
      Error: Ignoring policy file at http://photos.googleapis.com/crossdomain.xml due to meta-policy 'by-content-type'.
      OK: Policy file accepted: http://photos.googleapis.com/data/crossdomain.xml

      HEre is the policy file from Picasaweb:

      <?xml version="1.0"?>
      <!DOCTYPE cross-domain-policy SYSTEM " http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
      <allow-access-from domain="*.google.com" />

      Thanks for the help!