2 Replies Latest reply on Apr 11, 2011 5:03 PM by mikef_pm

    Incorrect syntax in cross domain policy file




      I am trying to setup a policy file for my Flex application. I want to server the policy file from Jetty, at the URL http://localhost:8181/crossdomain.xml - The flex client then needs to access our server at http://localhost:8181/app/blah.


      My cross domain policy file looks like this:



      <site-control permitted-cross-domain-policies="master-only"/>

      <allow-access-from domain="localhost"/>



      (note I have also tried having a 'to-ports="8181"' attribute in the allow-access-from node, but according to the XSD at http://www.adobe.com/xml/schemas/PolicyFileHttp.xsd this is not valid. As per the documentation (http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#msg_malformed) , I have made sure that there are no leading or trailing characters in the XML, and there is no text inside the tags.


      The HTTP header for 'http://localhost:8181/crossdomain.xml' has a content-type which should be accepted by Flex:




      GET /crossdomain.xml HTTP/1.1

      Host: localhost:8181

      User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv: Gecko/20100401 Firefox/3.6.3

      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

      Accept-Language: en-us,en;q=0.5

      Accept-Encoding: gzip,deflate

      Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

      Keep-Alive: 115

      Connection: keep-alive

      If-Modified-Since: Sun, 10 Apr 2011 23:56:14 GMT


      HTTP/1.1 304 Not Modified

      Server: Jetty(6.1.22)


      Yet the policyfiles.txt log from Flex has a syntax error:
      OK: Policy file accepted: http://localhost:8181/crossdomain.xml
      OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://localhost:8181 by requestor from http://localhost:8181/app/ui/v2/referrerPortal/Main.swf
      OK: Policy file accepted: http://localhost:8181/crossdomain.xml
      Warning: [strict] Ignoring policy file at xmlsocket://localhost:8181 due to incorrect syntax.  See http://www.adobe.com/go/strict_policy_files to fix this problem.
      Error: SWF from http://localhost:8181/app/ui/v2/referrerPortal/Main.swf may not connect to a socket in its own domain without a policy file.  See http://www.adobe.com/go/strict_policy_files to fix this problem.
      I have managed to get the policy file to work using the 'flashpolicyd_v0.6' tool provided by Adobe, but not from our HTTP server....
      Anyone know how to fix it?