Ultrashock Forums > Flash > Data Communication
Flash 9 Security and Crossdomain.xml

You are currently viewing our website as a guest which gives you limited access to forums, files and other resources.

Click here to join now for free, and start interacting with our members, download files and much more!

Click here if you are looking for our Flash files and other professional assets.
  
Post Reply | View first unread | Rate Thread Search this Thread | Thread Tools | Display Modes

#1
Bookmark and Share!
Flash 9 Security and Crossdomain.xml
Old 2008-10-06

HI,

We are struggling with a small problem since the Flash 9 plugin has become available. The website: http://www.impartproductions.com/Jump/ is using a webservice to import data into a flash site.
For some reason the data doesn't load, due to the crossdomain.xml file security changes flash 9 has made.

Is there anyone who could fix the crossdomain.xml file with the right settings? http://www.importpartners.com/crossdomain.xml

I have tried some things described in this article, but can't figure it out right...
http://www.adobe.com/devnet/flashpla...y_changes.html


thanx in advance
postbit arrow 4 comments | 2791 views postbit arrow Reply: with Quote   
Registered User
 D-ziner is offline
seperator
Posts: 3
2003-05-08
Age: 34
seperator

Ultrashock Member Comments:
Nutrox's Avatar Nutrox Nutrox is offline Super Moderator Nutrox lives in United Kingdom 17 Creative Assets 2008-10-06 #2 Old  
Welcome to Ultrashock, D-ziner.

If www.jumperrecords.com is trying to access www.impartproductions.com then give this a try...

Code:
<?xml version="1.0" encoding="utf-8" ?> 
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
	<site-control permitted-cross-domain-policies="all"/>
	<allow-access-from domain="www.jumperrecords.com"/>
	<allow-http-request-headers-from domain="www.jumperrecords.com" headers="SOAPAction"/>
</cross-domain-policy>
Keep in mind that subdomains (i.e. beats.jumperrecords.com) also need to be given access, so depending on how you have things setup you might want to try this version instead...

Code:
<?xml version="1.0" encoding="utf-8" ?> 
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
	<site-control permitted-cross-domain-policies="all"/>
	<allow-access-from domain="*.jumperrecords.com"/>
	<allow-http-request-headers-from domain="*.jumperrecords.com" headers="SOAPAction"/>
</cross-domain-policy>
Let us know how you get on.
Reply With Quote  
D-ziner D-ziner is offline 2008-10-07 #3 Old  
Hi,

I've changed the crossdomain.xml file like you said and uploaded on http://www.importpartners.com/crossdomain.xml

Unfortunatlly no change on http://www.impartproductions.com/Jump/ :: http://www.jumperrecords.com

I have tried numerous combinations with the domainnames but no luck. Could it be there has to be changed something in the actionscript files? (Website was made with Flash MX)

thnx
Reply With Quote  
D-ziner D-ziner is offline 2008-10-13 #4 Old  
This script did the trick:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>
Reply With Quote  
Nutrox's Avatar Nutrox Nutrox is offline Super Moderator Nutrox lives in United Kingdom 17 Creative Assets 2008-10-13 #5 Old  
Yeah that isn't very secure though, you are basically granting any SWF from any domain full access to your public website files and services. I will hunt around the Adobe site today to see if anyone else has had problems with Flash MX files.
Reply With Quote  
Thread Tools
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread: