6 Replies Latest reply on Mar 2, 2017 1:30 AM by markLee

    Cross Domain Issue

    live2_Learn Level 1

      I developed my Flex and Java Web applications in MyEclipse 7.1. Both applications were deployed in Tomcate 6. The URL for Flex is

      http://localhost:8080/DLI/DLI.html. Within Flex, a call is made to http://localhost:8080/ImageX/ImageServlet via Httpservice. It works fine

      using this Flex url to request for service from the server.  However, when I use http://127.0.0.1:8080/DLI/DLI.html to request for service

      from the server, I got this message:

       

      *** Security Sandbox Violation ***

      Error: Request for resource at http://localhost:8080/ImageX/ImageServlet?licNo=1003030 by requestor from http://142.139.224.62:8080/DLI/DLI.swf is denied due to lack of policy file permissions.

       

      Attached is my crossdomain.xml:

      <?xml version="1.0"?>

      <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

      <cross-domain-policy>

      <allow-access-from domain="localhost" to-ports="8080"/>

      <allow-access-from domain="127.0.0.1" to-ports="8080"/>

      <allow-access-from domain="142.139.224.62" to-ports="8080/>

      </cross-domain-policy>

       

      I placed it in http://localhost:8080/ImageX

       

      This is how I load my crossdomain file in my Flex (ref. http://groups.google.com/group/flex_india/browse_thread/thread/6e592c24d235e3eb)

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

      <?xml version="1.0" encoding="utf-8"?>

      <mx:Application

      xmlns:mx="http://www.adobe.com/2006/mxml" layout="vertical" initialize="initDomain()">

       

       

      <mx:ApplicationControlBar width="779" height="119" fillAlphas="[1.0, 1.0]">

       

       

      <mx:Image width="644" height="110" source="assets\hpublic-e.jpg" scaleContent="true" autoLoad="true"/>

       

       

      </mx:ApplicationControlBar>

       

       

       

      <mx:Script>

      <![CDATA[

       

       

       

       

       

      private function initDomain():void

      {

       

       

      var ip:String = "localhost"

      ;

       

      Security.allowDomain(ip+

       

      "/ImageX/"

      );

      Security.loadPolicyFile(

       

      "http://"+ip+":8080/crossdomain.xml"

      );

      ......

       

      What is it that I am still missing?

       

       

       

       

        • 1. Re: Cross Domain Issue
          Flex harUI Adobe Employee

          Maybe make sure the crossdomain.xml has loaded before attempting HTTP requests

           

          Alex Harui

          Flex SDK Developer

          Adobe Systems Inc.

          Blog: http://blogs.adobe.com/aharui

          1 person found this helpful
          • 2. Re: Cross Domain Issue
            live2_Learn Level 1

            Hi Alex,

             

            With the initDomain() at

            <mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="vertical" initialize=initDomain()>

             

            Then I invoke the servlet:

             

                <mx:HTTPService id="imageService"
                    url="http://142.139.224.62/ImageX/ImageServlet"
                    method="GET"
                    resultFormat="object"
                    result="resultHandler(event);"
                    fault="faultHandler(event);"/>

             

            I put Alert() in initDomain() and according to the Alert() display, the crossdomain.xml was loaded.

            But then my ServiceCapture software which tracks the internet traffic gave the following message:

             

            Warning: Ignoring <site-control> tag in policy file from http://142.139.224.62/ImageX/crossdomain.xml.  This tag is only allowed in master policy files.
            Warning: Domain 142.139.224.62 does not specify a meta-policy.  Applying default meta-policy 'master-only'.  This configuration is deprecated.  See http://www.adobe.com/go/strict_policy_files to fix this problem.
            Error: Ignoring policy file at http://142.139.224.62/ImageX/crossdomain.xml due to meta-policy 'master-only'.
            *** Security Sandbox Violation ***
            Error: Request for resource at http://142.139.224.62/ImageX/ImageServlet?licNo=1003030 by requestor from http://localhost/DLI/DLI.swf is denied due to lack of policy file permissions.

             

            My updated crossdomain.xml:

            <?xml version="1.0"?>
            <cross-domain-policy>
                <site-control permitted-cross-domain-policies="master-only" />
                <allow-access-from domain="localhost"/>
                  <allow-access-from domain="127.0.0.1"/>
                <allow-access-from domain="142.139.224.62"/>
            </cross-domain-policy>

             

            What is wrong with my crossdomain.xml?

             

            Mike

            • 3. Re: Cross Domain Issue
              Flex harUI Adobe Employee

              I'm definitely not the expert in crossdomain.xml files.  Make sure you've read through the documentation on the adobe sites.  Normally, the crossdomain.xml file goes at the root and not in a subdirectory like ImageX.  You might want to try that configuration

               

              Alex Harui

              Flex SDK Developer

              Adobe Systems Inc.

              Blog: http://blogs.adobe.com/aharui

              • 4. Re: Cross Domain Issue
                nmj77

                Hello!

                 

                I have a problem that is breaking my head over a week!

                I have a Flash game that works under Python.

                The game works fine in localhost, but doesn't work if

                someone try to play it from another computer. You can access mysql,

                login into the server, but can't play.

                When play it  in localhost the firestarter get first a 127.0.01 entry in 80 port, unknow service.

                Then when the game starts the entry change to 127.0.0.1 2001, unknow service.

                When other computer try to play, get a entry in 80 port, and stops there.

                Below some file parts.

                 

                -----------#----------------

                This is the config.py

                mysql_host = 'localhost'

                mysql_user = 'root'

                mysql_pass = 'pass'

                root_host = 'localhost'

                 

                policy_line = '<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy>

                <site-control permitted-cross-domain-policies="all"/><allow-access-from domain="*" to-ports="843,2001,3001,4001,5001,6001,7001,8001,9001,9002,9092" />

                </cross-domain-policy>'

                ------------#-------------------

                 

                The init.py

                from policy_server import PolicyFactory

                from game_server import gameFactory

                from twisted.internet import reactor

                 

                def main():

                    print 'Server Started...'

                    reactor.listenTCP(843, PolicyFactory())

                    GameServer = GameFactory('localhost', 'pt_br')

                    reactor.listenTCP(1024, gameServer)

                    reactor.listenTCP(2001, gameServer)

                    reactor.listenTCP(3001, gameServer)

                    reactor.listenTCP(4001, gameServer)

                    reactor.listenTCP(6001, gameServer)

                    reactor.listenTCP(7001, gameServer)

                    reactor.listenTCP(8001, gameServer)

                    reactor.listenTCP(9001, gameServer)

                    reactor.listenTCP(9002, gameServer)

                    reactor.listenTCP(9092, gameServer)

                    reactor.run()

                 

                 

                if (__name__ == '__main__'):

                    main()

                ----------------#-------------------------

                 

                1. crossdomain.xml

                 

                <cross-domain-policy><site-control permitted-cross-domain-policies="master-only"/>

                <allow-access-from domain="localhost" to-ports="843,1024,2001,3001,4001,5001,6001,7001,8001,9001,9002,9092"/>

                <allow-access-from domain="http://127.0.0.1" to-ports="843,1024,2001,3001,4001,5001,6001,7001,8001,9001,9002,9092"/>

                </cross-domain-policy>

                 

                  --------------#--------------------------------------

                • 5. Re: Cross Domain Issue
                  franciscoa98098255

                  Hello you managed to make the system works if you got in touch

                  • 6. Re: Cross Domain Issue
                    markLee Level 1

                    hi you can google CROS ,you can get Allow-Control-Allow-Origin:  , modify config file,  CROS will be ok.