Hi guys... I am trying to add a crossdomain file for my flash project...haven't done it before..and there are not too much information online....Anyone can help me about it??Thanks
+2
A:
Here is a copy of one that works for me
crossdomain.xml:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
this is in my document root folder http://mysite.com/
security sucks but it will get you up and running. If you want to only connections from one domain, change "*" to "http://my-allowed-domain.com"
my permissions on the file are also really strict 644. Just make it readable.
good luck!
pferdefleisch
2010-08-10 21:53:52
Do I have to do anything in my flash project or I just need to place it in my server?? It's not working when I only put it in the server...+1 though
Jerry
2010-08-10 22:03:07
you can add System.security.loadPolicyFile("http://yourdomain.com/crossdomain.xml"); to your flash file. I have had problems with the Flash IDE caching stuff so I recommend, if you have problems, to sometimes restart Flash (if you are using the Flash IDE). This whole thing has seemed pretty buggy to me sometimes. But, it's probably just me ;)
pferdefleisch
2010-08-10 22:41:40
Still not working....this is so bad....:(
Jerry
2010-08-10 22:57:24
-What- is not working? What are you trying to gain by having a crossdomain file on your server?
Tegeril
2010-08-11 03:45:12
I am trying to gain access from youtube video. well...let me show you my project.http://www.popslinger.org/vevoRevised/index.htmlyou will see the runtime error..
Jerry
2010-08-11 16:43:20
seems to be working now! PS. I thought it said pooslinger.org :)
pferdefleisch
2010-08-11 22:31:34
This answer's upvotes make me sad. Crossdomain policies exist for a reason: to prevent security breaches. Telling someone to use an open policy without even knowing what the problem is is like telling them to fix a connectivity problem by removing their firewall.
fenomas
2010-08-12 07:25:15
I guess I should have been more specific with "security sucks but it will get you up and running. If you want to only connections from one domain, change "*" to "http://my-allowed-domain.com""? cheer up dude.
pferdefleisch
2010-08-14 08:04:26
A:
There's no substitute for reading and understanding the recommendations and articles, and determining how much access you want to allow (or posting a lot more information so we can give accurate advice). If you just put up an "allow everything" policy in order to get your application working, you potentially compromise several kinds of security your site might implement.
fenomas
2010-08-10 23:00:02