1 Reply Latest reply on Dec 20, 2009 6:47 PM by asaad970

    Security Sandbox Issues with Flex/AS3 and AppEngine

    sgammon10

      I'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.

       

      Here are the contents of the root crossdomain.xml:

       

      <?xml version="1.0"?>
      <cross-domain-policy>
      <site-control permitted-cross-domain-policies ="all"/>
      <allow-access-from domain="*.appspot.com"/>
      <allow-access-from domain="*.{appid}.appspot.com"/>
      <allow-access-from domain="*.{appid}.com"/>
      <allow-access-from domain="*.{appid}.org"/>
      </cross-domain-policy>

       

      I have replaced my application's ID with {appid}. In the endpoint crossdomain.xml, it says the exact same thing, except it omits the <site-control> tag.

       

      Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player.

       

      When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http://05-alpha.latest.{appid}.appspot.com/_rpc/data.

       

      I am using Flex 4 beta, and the App Engine Python runtime.

       

      Thanks in advance for any help.