How to correctly connect flash .swf to the site so that cross-domain requests can pass?

W

WEBIVAN2013-02-07 11:56:28

ActionScript

WEBIVAN, 2013-02-07 11:56:28

Good afternoon.
It is required to receive data from gdata.youtube.com/ , which has both the resolving crossdomain.xml and the necessary headers.
There is a .swf file in which the data is obtained through

var loader:URLLoader = new URLLoader();
 var request:URLRequest = new URLRequest(_url);
 loader.load(request);
 loader.addEventListener(Event.COMPLETE, onComplete);
 loader.addEventListener(IOErrorEvent.IO_ERROR,ioErrHandler);
 loader.addEventListener(SecurityErrorEvent.SECURITY_ERROR,secErrorHandler);
 loader.addEventListener(HTTPStatusEvent.HTTP_STATUS,statusHttpHandler);
 function statusHttpHandler(event:HTTPStatusEvent):void {
  Alert.show("HTTPStatusEvent"+event.status)
 }
 function ioErrHandler(event:IOErrorEvent):void {
  Alert.show("Error load xml")
 }
 function secErrorHandler(event:SecurityErrorEvent):void {
  Alert.show("SecurityErrorEvent"+event.text)
 }
 function onComplete(event:Event):void {
  var loader:URLLoader = URLLoader(event.target);
  externalXML = new XML(loader.data);
  funResult(externalXML.toXMLString());
 }

Everything is OK from the localhost, but transferring to the server (let's call it example.com, (domain zone .com)) we get

SecurityErrorEventError #2048: Security sandbox violation: example.com/sob_client.swf?v=37767 cannot load data from gdata.youtube.com/someurl

Cross-domain ajax from this server passes without problems.

The flash connection code is as follows

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="1000" height="1130" id="sob_client" data="sob_client.swf?v=96745">
  <param name="movie" value="sob_client.swf?v=96745">
  <param name="quality" value="high">
  <param name="bgcolor" value="#ffffff">
  <param name="allowScriptAccess" value="Always">
  <param name="allowNetworking" value="All">
  <param name="allowFullScreen" value="true">
  <param name="wmode" value="opaque">
  <param name="FlashVars" value="__serverURL=rtmp://example.com:1935&__lang=ru&__typeDrink=1&__msg_func=msgrecieved&__new_partner=new_partner">
  <!--[if !IE]>-->
  <object type="application/x-shockwave-flash" data="sob_client.swf?v=2918" width="1000" height="1130">
    <param name="quality" value="high">
    <param name="bgcolor" value="#ffffff">
    <param name="allowScriptAccess" value="Always">
    <param name="allowNetworking" value="All">
    <param name="allowFullScreen" value="true">
    <param name="wmode" value="opaque">
    <param name="FlashVars" value="__serverURL=rtmp://example.com:1935&__lang=ru&__typeDrink=1&__msg_func=msgrecieved&__new_partner=new_partner">
    <!--<![endif]-->
    <!--[if gte IE 6]>-->
    <p>Either scripts and active content are not permitted to run or Adobe Flash Player version 11.1.0 or greater is not installed.                    </p>
    <!--<![endif]-->
    <a href="http://www.adobe.com/go/getflashplayer">
      <img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash Player">
    </a>
    <!--[if !IE]>-->
  </object>
  <!--<![endif]-->
</object>

Actually the question is:
What to fix / add to the connection code or AS code of the flash, so as not to run into a Security sandbox violation?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

spmbt, 2013-02-07
@WEBIVAN

Maybe you have https or a 3rd level domain name, why, they say in kb2.adobe.com/cps/142/tn_14213.html , maybe

however, these are no longer compatible in Flash Player 7 because of exact domain matching rules. An additional rule, also added under Flash Player 7, is content accessed via HTTP may not access data from a HTTPS location.