My Flash/Flex application is having a problem. For a few months it was able to download files from Twilio but now I'm getting the following error:
(I've had to remove hyperlinks, so imagine "ttp" is really "http". 🙂
SecurityErrorEvent
type="securityError" bubbles=false
cancelable=false eventPhase=2
text="Error #2048: Security sandbox
violation:
ttp://localhost/myapp.swf?v=1 cannot
load data from
ttp://api.twilio.com/."
I enabled policy logging on my flash plugin and get the following messages:
OK: Searching for
in policy files to authorize data
loading from resource at
ttp://api.twilio.com/
by requestor from
ttp://localhost/myapp.swf?v=1
Warning: [strict] Policy file
requested from
ttp://api.twilio.com/crossdomain.xml
redirected to
ttps://api.twilio.com/crossdomain.xml;
will use final URL in determining
scope. Warning: Domain api.twilio.com
does not specify a meta-policy.
Applying default meta-policy
'master-only'. This configuration is
deprecated. See
ttp://www.adobe.com/go/strict_policy_files
to fix this problem. OK: Policy file
accepted:
ttps://api.twilio.com/crossdomain.xml
Error: Request for resource at
ttp://api.twilio.com
by requestor from
ttp://localhost/myapp.swf?v=1 is
denied due to lack of policy file
permissions.
So it looks to me like the problem is that Twilio doesn't specify a "meta-policy". Is there a way for me to get around this?
Best Answer
localhostandtwilio.comare not in the same domain so of course you will get a security error. Twilio needs to add this node into the crossdomain:Also, make sure your embedding is up to par:
If Twilio won't update the crossdomain.xml then you can install a proxy on the server hosting your flex app and grab the data via your proxy.