Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Mr. Muskrat (4572)

Mr. Muskrat
  reversethis-{moc ... ta} {tarksum.rm}

I'm married with 2 girls. I work as a full time Perl programmer for a Land Mobile Radio company in the Dallas/Fort Worth area.

I am enrolled at the Art Institute of Pittsburgh - Online working towards a Bachelor of Science in photography.

My other blog [blogspot.com]

Journal of Mr. Muskrat (4572)

Thursday April 17, 2008
06:41 PM

Flash Socket Policy Changes

[ #36183 ]

At work we have this web based app that uses Flash to open a socket and pass along any data it receives to the JavaScript. Everything was working well until Flash rolled out 9,0,124,0. Now our app cannot make the socket connection (to the same domain that hosts the SWF) because we don't have a policy file. So I read all the articles they provided and followed their directions to get one set up (with a process set up on port 843 to hand out the policy file).

So I try out our web based app only to see this show up:

Web Based App::securityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: http://someserver/flash.swf cannot load data from someserver:12345."]

So I installed the debug version of Flash Player and configured my mm.cfg with 'PolicyFileLog=1' so that Flash will create a log with the profile information in it (profilelog.txt ). What do I see in profilelog.txt?

OK: Root-level SWF loaded: http://someserver/flash.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://someserver:12345 by requestor from http://someserver/flash.swf
Warning: [strict] Ignoring policy file at xmlsocket://someserver:843 due to incorrect syntax.  See http://www.adobe.com/go/strict_policy_files to fix this problem.

I reread all of the articles and go through the steps of creating the policy file only this time I use their example file:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">

<!-- Policy file for xmlsocket://socks.example.com -->
<cross-domain-policy>

   <!-- This is a master socket policy file -->
   <!-- No other socket policies on the host will be permitted -->
   <site-control permitted-cross-domain-policies="master-only"/>

   <!-- Instead of setting to-ports="*", administrator's can use ranges and commas -->
   <!-- This will allow access to ports 123, 456, 457 and 458 -->
   <allow-access-from domain="swf.example.com" to-ports="123,456-458" />

</cross-domain-policy>

I hit the web app again. I was expecting it to be accepted but still throw the securityErrorHandler. Instead I received the same exact error! Their example policy file is invalid! I then tried to remove the comments and blank lines but that was still invalid.

Next I tried using one that I found on the net:

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
        <allow-access-from domain="someserver" to-ports="12345"/>
        <site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

Of course it too was invalid.

I tried every possible combination that I can think of and nothing worked. So I made a call to Adobe tech support. Once I had the guy understanding what was happening he had me pull up the app and look at the profilelog.txt. The only thing is that it worked this time. Yeah, that's right folks, apparently calling tech support will fix it automatically. (Even if that were true, it would be totally impractical.)

After I hung up, I SCPed the file to another server and tried to get it working there. No luck. I received the invalid syntax error every time in profilelog.txt. I've tried everything but simply couldn't get it working on the second server.

So my boss tells me that we'll just make sure that we ship a version of the Flash Player that does work. Great! I'll just back out all of my changes, uninstall Flash 9,0,124,0 and install the old Flash Player. Except that I can't get any old version of the Flash Player to install in IE. It'll only install 9,0,124,0!

Finally I decided that I had better reinstate the files to the development server since it looks like we do have to get this thing working. Guess what? I can't get it to work on the original server again.

*sigh*

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.