Flash - HTTP requests won't work on localhost.

Question

First off, I'm trying to fix something that I didn't build to begin with and the guy who's project it was assures me it was working fine when he left, although a version I haven't touched since he left seems to have the same issues. I'm also a bit new to programming in general so let me know if I've left out important information in my first post and I will try to add more info.

I have a flash application hosted on-line that acts as a client for a server application written in Delphi. Most of the communication is done using sockets, which work fine. Uploading data files and downloading results files is done using HTTP requests, which work fine as long as the user is making use of an instance of the server on another computer. However, if the user has the server application installed on their own computer and attempts to use it specifying localhost as the url, the socket communication still works, but the HTTP requests don't.

All the socket based communication works fine and, when it is not on the localhost, all the HTTP requests work fine as well, which is why this is so mystifying to me. I've tried changing the flash cross-domain policy file that the server dispatches to be completely permissive, all ports, all domains, all http-request-headers, and still no luck.

The Flash app will sit waiting for localhost indefinitely most of the time until I close the server application, and then give this error message:

Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation: http://abcde.com/Testing.swf cannot load data from http://localhost:2188/guid=53D569A8-56EA-4AC2-BDA0-2F43525E1378.

I've tried hosting it on multiple computers, each machine can access the instance on another just fine, but won't work when it tries to work with its own instance.

Also, if I simply put http://localhost:2188/guid=53D569A8-56EA-4AC2-BDA0-2F43525E1378 in to a web browser, the results file I am trying to get pops up just fine.

Here's the chunk of code in the flash app that attempts to download the file:

private function downloadFile():void
{
    trace("downloadFile: " + this.guid + " from " + this.server.URL);
    fileRef.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
    fileRef.addEventListener(ProgressEvent.PROGRESS, downloadProgressHandler);
    var ur:URLRequest = new URLRequest("http://" + _server.URL + ":" + _server.port);
    ur.url += "/guid=" + _guid;
    ur.method = URLRequestMethod.GET;
    fileRef.download(ur, _filename);
    _downloadStart = true;
}

If anyone has any insight at all, I would be grateful because I am completely out of ideas here.

Answer 1

This is a limitation of the flash player's security model. To get around this problem, you can package your flash as an AIR application and have many of these security restrictions lifted.

You may also have better success if you host your flash file on a web server instead of accessing the .swf locally.

Another thing that you won't be able to do is access local files from the flash player, this is another example of something you can do with the AIR runtime that you cannot do in the flash player.