I am struggling with getting a Flex SWF (which is embedded in JSP) to access remote data (from another domain).
I have a crossdomain.xml (which is embedded in my SWF). Its content is as follows:
<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
In my main.xml I load the crossdomain.xml file using:
Security.loadPolicyFile("http://www.mysite.com:8380/CSS/ReviewItemsServer/crossdomain.xml");
When I access the JSP webpage via the browser, the embedded SWF tries to do a Java remoting call and I get the following error:
Error string = Send failed
Error code = Client.Error.MessageSend
Error details = Channel.Security.Error error Error #2048:
Security sandbox violation: http://www.mysite.com/CSS/ReviewItemsServer/ReviewItemsMain.swf
cannot load data from http://www.mysite.com:8380/CSS/ReviewItemsServer/messagebroker/amf. url:
I am pretty sure that the crossdomain.xml file actually get loaded by the SWF as I have created a simple URLLoader to load the xml file and check that there is no error. So I dont think that is an issue…
When I run the SWF in debug mode…I also see the following error message:
Error: [strict] Ignoring policy file at http://www.mysite.com:8380/CSS/ReviewItemsServer/crossdomain.xml due to missing Content-Type. See http://www.adobe.com/go/strict_policy_files to fix this problem.
Any help would be greatly appreaciated….
Mark
Best Answer
You need a master policy file at http://www.mysite.com:8380/crossdomain.xml with the following contents:
That will permit crossdomain policy files in subdirectories to be used.