Server security when using as3httpclient
31 views
Skip to first unread message
keeran
Mar 17, 2008, 9:25:56 AM3/17/08
to as3httpclient
Hi guys,
I found this library after looking for a way to get hold of the HTTP
headers when making requests. I've got my app ready to go now but when
I put it on the server I get errors about the security sandbox:
securityErrorHandler: [SecurityErrorEvent type="securityError"
bubbles=false cancelable=false eventPhase=2 text="Error #2048:
Security sandbox violation: http://site.com/web.swf cannot load data
from site.com:80."]
I've followed guides which say I need to set up the crossdomain policy
for this, but I'm not sure this is the correct approach - as far as I
recall Flash has always allowed connections to the serving host...this
is throwing me.
Any help will be appreciated!
Kee
I found this library after looking for a way to get hold of the HTTP
headers when making requests. I've got my app ready to go now but when
I put it on the server I get errors about the security sandbox:
securityErrorHandler: [SecurityErrorEvent type="securityError"
bubbles=false cancelable=false eventPhase=2 text="Error #2048:
Security sandbox violation: http://site.com/web.swf cannot load data
from site.com:80."]
I've followed guides which say I need to set up the crossdomain policy
for this, but I'm not sure this is the correct approach - as far as I
recall Flash has always allowed connections to the serving host...this
is throwing me.
Any help will be appreciated!
Kee
Abdul Qabiz
Mar 17, 2008, 12:45:20 PM3/17/08
to as3htt...@googlegroups.com
Hi,
as3httpclient uses Socket to do things. Flash Player 9,0,115,0 onwards require a policy file to be served over port 843 (from server) to allow any connection below 1024 (port).
This makes this library use-less. There is a better library with similar name as3httpclientlib, but again that's not of use.
You would need to make special arrangement to serve policy-file from the server, which is not possible always, unless you control the server.
Please check this out:-
http://www.abdulqabiz.com/blog/archives/flash_and_actionscript/must_read_security_c.php--
-abdul
---------------------------------------
http://abdulqabiz.com/blog/
---------------------------------------
as3httpclient uses Socket to do things. Flash Player 9,0,115,0 onwards require a policy file to be served over port 843 (from server) to allow any connection below 1024 (port).
This makes this library use-less. There is a better library with similar name as3httpclientlib, but again that's not of use.
You would need to make special arrangement to serve policy-file from the server, which is not possible always, unless you control the server.
Please check this out:-
http://www.abdulqabiz.com/blog/archives/flash_and_actionscript/must_read_security_c.php
-abdul
---------------------------------------
http://abdulqabiz.com/blog/
---------------------------------------
keeran
Mar 21, 2008, 7:03:05 AM3/21/08
to as3httpclient
Many thanks Abdul. It's a great library and it helped me catch up with
the AS tech loads! (I haven't done any serious Flash coding since...
the first MX).
I solved the first problem with a simple socket server in Python
delivering a sub 1024 crossdomain.xml which set your library free.
Since then I've discovered RubyAMF and remoting, so I might swing that
way now :)
Thanks once again,
Kee
On Mar 17, 4:45 pm, "Abdul Qabiz" <abdul.qa...@gmail.com> wrote:
> Hi,
>
> as3httpclient uses Socket to do things. Flash Player 9,0,115,0 onwards
> require a policy file to be served over port 843 (from server) to allow any
> connection below 1024 (port).
>
> This makes this library use-less. There is a better library with similar
> name as3httpclientlib, but again that's not of use.
>
> You would need to make special arrangement to serve policy-file from the
> server, which is not possible always, unless you control the server.
>
> Please check this out:-
>
> http://www.abdulqabiz.com/blog/archives/flash_and_actionscript/must_r...
the AS tech loads! (I haven't done any serious Flash coding since...
the first MX).
I solved the first problem with a simple socket server in Python
delivering a sub 1024 crossdomain.xml which set your library free.
Since then I've discovered RubyAMF and remoting, so I might swing that
way now :)
Thanks once again,
Kee
On Mar 17, 4:45 pm, "Abdul Qabiz" <abdul.qa...@gmail.com> wrote:
> Hi,
>
> as3httpclient uses Socket to do things. Flash Player 9,0,115,0 onwards
> require a policy file to be served over port 843 (from server) to allow any
> connection below 1024 (port).
>
> This makes this library use-less. There is a better library with similar
> name as3httpclientlib, but again that's not of use.
>
> You would need to make special arrangement to serve policy-file from the
> server, which is not possible always, unless you control the server.
>
> Please check this out:-
>
>
>
>
> On Mon, Mar 17, 2008 at 6:55 PM, keeran <kee...@gmail.com> wrote:
>
> > Hi guys,
>
> > I found this library after looking for a way to get hold of the HTTP
> > headers when making requests. I've got my app ready to go now but when
> > I put it on the server I get errors about the security sandbox:
>
> > securityErrorHandler: [SecurityErrorEvent type="securityError"
> > bubbles=false cancelable=false eventPhase=2 text="Error #2048:
> > Security sandbox violation:http://site.com/web.swfcannot load data
>
>
> On Mon, Mar 17, 2008 at 6:55 PM, keeran <kee...@gmail.com> wrote:
>
> > Hi guys,
>
> > I found this library after looking for a way to get hold of the HTTP
> > headers when making requests. I've got my app ready to go now but when
> > I put it on the server I get errors about the security sandbox:
>
> > securityErrorHandler: [SecurityErrorEvent type="securityError"
> > bubbles=false cancelable=false eventPhase=2 text="Error #2048:
Reply all
Reply to author
Forward
0 new messages