I'm trying to load profile images (friend images) from Facebook with AS3 but I seem to be running into a security issue.
I'm currently using the "official" Adobe Facebook API for Actionscript 3 which works fine. However, I seem to be having trouble loading profile images when running my application in a browser. The images load fine when running in the Flash IDE.
The images are being loaded from https://graph.facebook.com and there seems to be a crossdomain.xml policy on that domain:
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<site-control permitted-cross-domain-policies="master-only" />
</cross-domain-policy>
In other sources I found that adding a ContextLoader to my Loader object when loading the image should solve the problem but this doesn't seem to be the case either:
loader = new Loader();
// add some listeners here...
loader.load( new URLRequest( "imageurl" ), new LoaderContext(true) );
I'm not quite sure how to proceed at the moment. I was hoping that the Adobe Facebook API would provide assistance in this but I can't seem to find anything that solves this issue.
Any help greatly appreciated.
UPDATE:
I just noticed that when I visit one of the images in a browser that I'm actually redirected to Facebook's CDN where the actual image is stored. When I hard-code the image url with the redirected URL I can load the image in the browser. It seems that this is not a security issue after all but a redirection issue.
If this is a redirection issue then the question would become; How can I have Flash Player load an image from a redirected URL?
UPDATE 2:
It seems that the URLRequest class has a followRedirects property which is only available in AIR.
UPDATE 3:
I'm currently using a PHP script to get me the redirected URL as a work around but this of course is far from ideal and potentially a big strain on my server.