strider820
Reputation: 3720
Why does flash block me from loading a cross domain swf only in one case?
This works:
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf
OK: Policy file accepted: https://foo.com/crossdomain.xml
OK: Request for resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf is permitted due to policy file at https://foo.com/crossdomain.xml
This Fails:
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf
Warning: [strict] Policy file requested from
https://foo.com/crossdomain.xml redirected to https://foo.com/crossdomain.xml; will use final URL in determining scope. See http://www.adobe.com/go/strict_policy_files if this causes problems.
OK: Policy file accepted: https://foo.com/crossdomain.xml
Error: Request for resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf is denied due to lack of policy file permissions.
The only differences that I can find are:
1) different "from" swf files, but that shouldn't change anything
2) weird redirect warning for new.swf's attempt
The crossdomain.xml from foo.com contains:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>
Both my old and my new swfs use this code to load in the third party swf:
var strURL:String = this.videoParameters.media_url;
// replace [timestamp]
strURL = strURL.replace(
"[timestamp]",
(new Date()).valueOf().toString()
);
// use LoaderContext for domain security
this._oSWFApplicationDomain = new ApplicationDomain();
var oContext : LoaderContext = new LoaderContext(
false,
this._oSWFApplicationDomain, // ApplicationDomain must be separate
SecurityDomain.currentDomain
);
this._oSWF = new Loader();
var oLoader:LoaderInfo = this.oSWF.contentLoaderInfo;
// start media load timeout
this._oManager.startMediaTimer();
// listen for when the SWF completely loads itself
oLoader.addEventListener(
Event.COMPLETE,
this.onLoadComplete,
false,
0,
true
);
// listen for any error that may occur while trying to load
oLoader.addEventListener(
IOErrorEvent.IO_ERROR,
this.onLoadError,
false,
0,
true
);
var oURLRequest : URLRequest = new URLRequest(strURL);
this.oSWF.load(oURLRequest, oContext);
Upvotes: 3
Views: 165
Answers (1)
mooyah
Reputation: 76
The problem is probably due to the fact that your source URL of the SWF you are loading has some whitespace in it. Either at the beginning or end, not sure which is the issue, but that causes flash to load the crossdomain.xml and then get a security error. Yay for flash.
Upvotes: 2
Related Questions
- Accessing a swf from another domain
- loading swf from AmazonS3 - crossdomain policy
- Using crossdomain.xml when serving a .swf from a domain that is NOT the domain of the web page it appears on
- Classes don't match between main SWF and runtime loaded SWF from another domain
- AS3: scripting a cross domain loaded swf
- Differences between flash and web browser loading remote swf
- Loading one external SWF into another SWF across domains
- Loading external SWF file issue
- Cannot load swf from another domain
- External SWF Loading problem