views:

19

answers:

1

First off, I'm trying to fix something that I didn't build to begin with and the guy who's project it was assures me it was working fine when he left, although a version I haven't touched since he left seems to have the same issues. I'm also a bit new to programming in general so let me know if I've left out important information in my first post and I will try to add more info.

I have a flash application hosted on-line that acts as a client for a server application written in Delphi. Most of the communication is done using sockets, which work fine. Uploading data files and downloading results files is done using HTTP requests, which work fine as long as the user is making use of an instance of the server on another computer. However, if the user has the server application installed on their own computer and attempts to use it specifying localhost as the url, the socket communication still works, but the HTTP requests don't.

All the socket based communication works fine and, when it is not on the localhost, all the HTTP requests work fine as well, which is why this is so mystifying to me. I've tried changing the flash cross-domain policy file that the server dispatches to be completely permissive, all ports, all domains, all http-request-headers, and still no luck.

The Flash app will sit waiting for localhost indefinitely most of the time until I close the server application, and then give this error message:

Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation: http://abcde.com/Testing.swf cannot load data from http://localhost:2188/guid=53D569A8-56EA-4AC2-BDA0-2F43525E1378.

I've tried hosting it on multiple computers, each machine can access the instance on another just fine, but won't work when it tries to work with its own instance.

Also, if I simply put http://localhost:2188/guid=53D569A8-56EA-4AC2-BDA0-2F43525E1378 in to a web browser, the results file I am trying to get pops up just fine.

Here's the chunk of code in the flash app that attempts to download the file:

private function downloadFile():void
{
    trace("downloadFile: " + this.guid + " from " + this.server.URL);
    fileRef.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
    fileRef.addEventListener(ProgressEvent.PROGRESS, downloadProgressHandler);
    var ur:URLRequest = new URLRequest("http://" + _server.URL + ":" + _server.port);
    ur.url += "/guid=" + _guid;
    ur.method = URLRequestMethod.GET;
    fileRef.download(ur, _filename);
    _downloadStart = true;
}

If anyone has any insight at all, I would be grateful because I am completely out of ideas here.

A: 

This is a limitation of the flash player's security model. To get around this problem, you can package your flash as an AIR application and have many of these security restrictions lifted.

You may also have better success if you host your flash file on a web server instead of accessing the .swf locally.

Another thing that you won't be able to do is access local files from the flash player, this is another example of something you can do with the AIR runtime that you cannot do in the flash player.

Kekoa
It actually is hosted on a web server at the moment. I was hoping that this wasn't the case since the socket communication worked fine. I had assumed/hoped that flash wouldn't differentiate between "http://localhost:2188/awdwaf" and "http://abcde.com/awdwaf" as far as security restrictions go.Am I likely to run in to similar issues if I try to use the socket connections to get the files? An AIR application isn't really feasible in this situation so I'm going to need to find another solution.
Md Derf
Yeah I remember dealing with that, for some reason it matters to Flash to restrict localhost access. I imagine if you can find some other flash player runtime without the security restrictions, your .swf should run fine. I am not sure if one exists, other than the AIR runtime.
Kekoa