CODEWITHSUNDEEP
actionscript-3socketsflex3content-typepolicy
Tom
Tom

Reputation: 8127

How to make my PHP Socket Server send a policy file to flash clients?

My flash game needs to connect to my PHP Socket Server. Because of security things, a policy file has to be send to the flash client when it tries to connect.

The following is what I've done.

In Actionscript / Flex 3 / Flash:

Security.loadPolicyFile("http://[SERVER.IP]:9000/crossdomain.xml");
socket.connect(hostName, port); //connect to the socket
[rest of original code]

To make the socket server respond on the request, I added the following to the server:

elseif (preg_match("/policy-file-request/i", $buffer) or preg_match("/crossdomain/i", $buffer)) {
                    socket_write($socket, '<?xml version="1.0"?><cross-domain-policy><site-control permitted-cross-domain-policies="all"/><allow-access-from domain="*" to-ports="9000" /></cross-domain-policy>');
                    unset($read_sockets[array_search($socket, $read_sockets)]);
                    socket_shutdown($socket, 2);
                    socket_close($socket);

I however get the following error: "Ignoring policy file at (URL) due to missing Content-Type." So, I tried to fix this by adding a header right above my xml code:

socket_write($socket, "Content-Type: text/xml\n");

Unfortunately, I still get the same error. Am I giving the content type in a wrong way?

Upvotes: 1

Views: 5078

Answers (5)

back2dos
back2dos

Reputation: 15623

you can load the policyfile from any port of the server using Security.loadPolicyFile() ... maybe you should simply serve it per http on port 80, load it from there and then connect to the server ...

also, by default, i think flashplayer 9 (upwards from some minor version) sends a policyfile request to port 943 by default ... so you might put a server there, to do that ...

a little side note: PHP was never designed for socket servers and is not very good at that ... if you can, try using Java, or NekoVM, that you can use with Haxe ... also Haxe remoting, as well as ThreadedRemotingServer might be of interest to you ... there's some good and clear tutorials on the Haxe site ...

Upvotes: 2

Thomas
Thomas

Reputation: 11

if(trim($buffer) == '<policy-file-request/>') {
$policy_file =
    '<'.'?xml version="1.0" encoding="UTF-8"?'.'>'.
    '<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFileSocket.xsd">'.
        '<allow-access-from domain="*" to-ports="*" secure="false" />'.
        '<site-control permitted-cross-domain-policies="master-only" />'.
    '</cross-domain-policy>';

socket_write($socket, $policy_file.chr(0));
}

works fine for me, the client will request a policy file, disconnect, then reconnect after receiving the policy file

Upvotes: 1

Mauricio
Mauricio

Reputation: 387

Try sending this:

HTTP/1.1 200 OK\r\nContent-Type: text/xml\r\n\r\n

Make sure nothing is sent before this. Also, send a \r\n before the socket is closed.

Upvotes: 2

mthurlin
mthurlin

Reputation: 27285

You need to return a valid HTTP response if you are going to use:

Security.loadPolicyFile("http://[SERVER.IP]:9000/crossdomain.xml");

If the flash is going to connect to your PHP socket server, just skip the above line and it will try the port itself and expect raw data instead of a HTTP response.

Upvotes: 3

Mauricio
Mauricio

Reputation: 387

Try it with \r\n after the Content-Type.

socket_write($socket, "Content-Type: text/xml\r\n");

Shouldn't you be using a xmlsocket on port 843?

Upvotes: 1

Related Questions