tags:

views:

20

answers:

1
Q: 

Flash Channel.Security.Error Unable to access remote resource

I tried to deploy my otherwise working flex app on a web server (tomcat 6). It threw a Channel.Security.Error. After some research, I became aware that flash movie loaded from flash_movie_domain will not be able to load resource from any other domain. Some suggested adding a crossdomain.xml. However, the crossdomain.xml route doesn't quite make sense.

In this case, I am loading resources from a third party web site. My understanding is that I need this third party website to include a crossdomain.xml on their root directory in order for app to function. The third party web service is provided as is. I will not be able to change what's given. Since the third party is providing public access, it already explicitly give permission to the general public. Adding a crossdomain.xml to their root seems to be a redundant act?

At the end of the day, I need to figure out a way to access the third party web service from a flash movie loaded from my domain. Thanks.

A: 

It sounds like you already have your answer.

This third party web site will need add a crossdomain.xml file that will allow the Flash Player to access data from this third party domain.

I'm unclear how this third party web site has provided you permission to access their data. But, the Flash Player is placed in a sandbox by the browser. The crossdomain.xml file gives permission for the Flash Player to move out of it's sandbox for the purpose of accessing the remote domain.

There is nothing redundant about saying something can do done; and giving providing the technical tools to help make it happen.

Your alternative is to not access the site from Flash. You might be able to use an intermediary proxy to retrieve the data and send it back to flex. But, it depends on the type of data.

www.Flextras.com  2010-07-31 12:45:22
The third party web service is open to public. I can run my Flash app in the Local-Trusted sandbox. In that sense, the owner of the third party web service has implicitly given permission to the public to their service. By moving my Flash app into Remote sandbox, Flash Player itself restricted the access of the app, not the original provider of the resource. Basically, Flash Player requires all public web sites to declare that they allow certain access via crossdomain.xml.
Candy Chiu  2010-07-31 18:56:22
You said: "Basically, Flash Player requires all public web sites to declare that they allow certain access via crossdomain.xml" That is correct! I believe such an approach is designed to help prevent cross site scripting attacks; but such is not my expertise.
www.Flextras.com  2010-07-31 20:56:19

related questions

Silverlight vs Flex
Executing JavaScript from Flex: Is this javascript function dangerous?
How To Get Label Of Combobox to Fade In Flex
How do I change the title bar icon in Adobe AIR?
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Flex: does painless programmatic data binding exist?
SoapException: Root element is missing occurs when .NET web service called from Flex
Any recommendations for in-depth Flex training?
How do I restyle an Adobe Flex Accordion to include a button in each canvas header?
Deleting / Replacing A Node in E4X (AS3 - Flex)
How can I "unaccept" a drag in Flex?
Printing Flex components in FireFox 3
Is it possible to add behavior to a non-dynamic ActionScript 3 class without inheriting the class?
How do I get rid of the "multiple describeType entries" warning?
Open local file with AIR / Flex
Flex / Air obfuscation
Adobe Flex component events
Can you access the windows registry from Adobe Air?
Actionscript 3 - Fastest way to parse yyyy-mm-dd hh:mm:ss to a Date object?
Adobe Air - Using multiple SQLite databases at once
How can I unit test Flex applications from within the IDE or a build script?
Best way to learn Flash?
Get the current logged in OS user in Adobe Air
Adobe air - SQLStatement.execute() - Multiple queries in one statement
Unloading a ByteArray in Actionscript 3.