6 Replies Latest reply on Aug 4, 2009 8:30 AM by essential1

    Error #2048: Security sandbox violation

    Dan McAdam Level 1

      I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.

      I'm testing out Gumbo in my same environment (new workspace): WAMP based

       

      My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.

       

      Specifically:

      - I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)

      - I set method to POST and useProxy to false

      (<fx:Declarations>
              <s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
          </fx:Declarations>)

       

      - I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says

      ****************************************************

      body = (null)
        clientId = "DirectHTTPChannel0"
        correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
        destination = ""
        extendedData = (null)
        faultCode = "Channel.Security.Error"
        faultDetail = "Destination: DefaultHTTP"
        faultString = "Security error accessing url"
        headers = (Object)#1
          DSStatusCode = 0
        messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
        rootCause = (flash.events::SecurityErrorEvent)#2
          bubbles = false
          cancelable = false
          currentTarget = (flash.net::URLLoader)#3
            bytesLoaded = 0
            bytesTotal = 0
            data = (null)
            dataFormat = "text"
          eventPhase = 2
          target = (flash.net::URLLoader)#3
          text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
          type = "securityError"
        timestamp = 0
        timeToLive = 0

      ************************************************************

      *NOTE: I obfuscated parts of the url for security reasons

       

      I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)

       

      I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...

       

      Is this a bug or am I missing something new in the Gumbo ?

      Again: my swf file is in a folder in the webroot on my ISP

      also inside that folder is another folder with an XML file in it

      I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)

       

      changing the url to an absolute makes no difference...

       

      thanks in advance for any help

        • 1. Re: Error #2048: Security sandbox violation
          Flex harUI Adobe Employee

          Smells like a bug.

           

          Alex Harui

          Flex SDK Developer

          Adobe Systems Inc.

          Blog: http://blogs.adobe.com/aharui

          • 2. Re: Error #2048: Security sandbox violation
            Dan McAdam Level 1

            thanks Alex...

             

            should I file a bug report in the tracker or are you ?

             

            (BTW: really appreciate all your hard work and great example code on your blog. I've used a lot of it <8-)

             

            Dan

            • 3. Re: Error #2048: Security sandbox violation
              Dan McAdam Level 1

              very interesting !

               

              I swapped out the HTTPService method for a straight URLLoader and that works fine.

               

              So, I'm guessing that maybe the Gumbo compiler is hanging on to the URL being used in the development environment (I don't know anything about compilers... but the conversion of the HTTPService url property to something that includes localhost:port# sounds like it)

               

              thanks for the input

              • 4. Re: Error #2048: Security sandbox violation
                essential1 Level 1

                I am having the same issue on one of my computers.  Cound you tell us how you swapped out the HTTPService method for a straight URLLoader?

                • 5. Re: Error #2048: Security sandbox violation
                  Dan McAdam Level 1

                  Sure...

                   

                  here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:

                  *************************

                  private var loader : URLLoader = new URLLoader();
                  private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated

                   


                  protected function Application_creationComplete():void
                  {

                      // This works...
                      loader.addEventListener( Event.COMPLETE, parseContent );
                      loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );

                      // This does not...
                      /* contentService.addEventListener( ResultEvent.RESULT, parseContent );
                          contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
                      try
                      {
                          loader.load( req );
                      }
                      catch (err:Error)
                      {
                          Alert.show("In Try Catch Error Block: " + err.message);
                      }     
                          currentState='home';
                  }

                   

                  the HTTPService was set up like this: (again, i obfuscate the URLs for security)

                      <fx:Declarations>
                          <s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
                      </fx:Declarations>

                   

                  the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.

                   

                  hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs)

                  • 6. Re: Error #2048: Security sandbox violation
                    essential1 Level 1

                    Thanks much for your reply.  I am working with it...