According to this: (http://livedocs.macromedia.com/flex/2/docs/wwhelp/wwhimpl/common/html/w\ whelp.htm?ontext=LiveDocs_Parts&file=00001950.html <http://livedocs.macromedia.com/flex/2/docs/wwhelp/wwhimpl/common/html/w\ whelp.htm?ontext=LiveDocs_Parts&file=00001950.html> )
A policy file affects access only to the particular server on which it resides. For example, a policy file located at https://www.adobe.com:8080/crossdomain.xml <https://www.adobe.com:8080/crossdomain.xml> will apply only to data-loading calls made to www.adobe.com <http://www.adobe.com> over HTTPS at port 8080. I can't do what I want to do. That is, I can't deliver a policy file on port 80, that affects access on port 9998. I resorted to extending the Python XML-RPC server to support the GET method in that particular case where the requested path is /crossdomain.xml. Thanks for your help. Tobias --- In flexcoders@yahoogroups.com, "Carson Hager" <[EMAIL PROTECTED]> wrote: > > If a 501 is returned, then the flash player is able to make the call. > The problem is that it issued a GET and your server is telling you that > GET is not supported. You likely need to post the request. > > > Carson > > ____________________________________________ > > Carson Hager > Cynergy Systems, Inc. > http://www.cynergysystems.com <http://www.cynergysystems.com/> > > Email: [EMAIL PROTECTED] > Office: 866-CYNERGY > Mobile: 1.703.489.6466 > > > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of tobiaspatton > Sent: Thursday, November 23, 2006 9:22 AM > To: flexcoders@yahoogroups.com > Subject: [flexcoders] Re: crossdomain file and ports > > > > That's what I thought, but it's not working. > > I have this crossdomain.xml file on the XML-RPC server, being delivered > by IIS on port 80: > > <?xml version="1.0"?> > <cross-domain-policy> > <allow-access-from domain="*" to-ports="*"/> > </cross-domain-policy> > > In the creationComplete handler for my main application, have this: > > Security.loadPolicyFile( "http://cscperf1.creo.com:80/crossdomain.xml > <http://cscperf1.creo.com:80/crossdomain.xml> " ); > > Even with all this in place, I still get the following runtime error: > > *** Security Sandbox Violation *** > Connection to http://cscperf1.creo.com:9998/RPC2 > <http://cscperf1.creo.com:9998/RPC2> halted - not permitted from > http:// > adp.creo.com/PerforceBuildClient/BuildClient-debug.swf > > (adp.creo.com is the server that is hosting the swf file) > > By using tcpflow to capture the TCP packets being sent to and from my > client, I can see > that when the application starts up, the crossdomain.xml file is being > requested by > localhost from cscperf1.creo.com/crossdomain.xml on port 80. The file is > delivered to > localhost. Then, when I first do something in the UI that makes an > XML-RPC call using port > 9998, localhost again requests the crossdomain.xml file from > cscsperf1.creo.com, but this > time the request is made to port 9998. This results in an error 501 > being returned. > > Any suggestion are welcome. > > Thanks. > Tobias. > > Here's the tcpflow output: > > 010.001.065.086.61869-010.001.066.013.00080: GET /crossdomain.xml > HTTP/1.1 > Accept: */* > Accept-Language: en > Accept-Encoding: gzip, deflate > Cookie: SITESERVER=ID=206230141e3ce3607abc5ad08e8e9cd3; > ASPSESSIONIDSSBCSDTS=GBCHHDHCMCJGGMOMHMHACHED > Referer: > http://adp.creo.com/PerforceBuildClient/BuildClient-debug.html?debug=tru > e > <http://adp.creo.com/PerforceBuildClient/BuildClient-debug.html?debug=tr > ue> > User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) > AppleWebKit/418.9 (KHTML, > like Gecko) Safari/419.3 > Connection: keep-alive > Host: cscperf1.creo.com:80 > > 010.001.066.013.00080-010.001.065.086.61869: HTTP/1.1 200 OK > Content-Length: 118 > Content-Type: text/xml > Last-Modified: Thu, 23 Nov 2006 16:42:04 GMT > Accept-Ranges: bytes > ETag: "e9aa64e1efc71:29f" > Server: Microsoft-IIS/6.0 > X-Powered-By: ASP.NET > Date: Thu, 23 Nov 2006 17:15:37 GMT > > <?xml version="1.0"?> > > <cross-domain-policy> > <allow-access-from domain="*" to-ports="*"/> > </cross-domain-policy> > > 010.001.065.086.61870-010.001.066.013.09998: GET /crossdomain.xml > HTTP/1.1 > Accept: */* > Accept-Language: en > Accept-Encoding: gzip, deflate > Cookie: SITESERVER=ID=206230141e3ce3607abc5ad08e8e9cd3; > ASPSESSIONIDSSBCSDTS=GBCHHDHCMCJGGMOMHMHACHED > Referer: > http://adp.creo.com/PerforceBuildClient/BuildClient-debug.html?debug=tru > e > <http://adp.creo.com/PerforceBuildClient/BuildClient-debug.html?debug=tr > ue> > User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) > AppleWebKit/418.9 (KHTML, > like Gecko) Safari/419.3 > Connection: keep-alive > Host: cscperf1.creo.com:9998 > > 010.001.066.013.09998-010.001.065.086.61870: HTTP/1.0 501 Unsupported > method > ('GET') > > 010.001.066.013.09998-010.001.065.086.61870: Server: BaseHTTP/0.3 > Python/2.4.2 > Date: Thu, 23 Nov 2006 17:15:49 GMT > Content-Type: text/html > Connection: close > > <head> > <title>Error response</title> > </head> > <body> > <h1>Error response</h1> > <p>Error code 501. > <p>Message: Unsupported method ('GET'). > <p>Error code explanation: 501 = Server does not support this operation. > </body> > > --- In flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> > , "Carson Hager" carson.hager@ wrote: > > > > Yes, you can. > > > > > > Carson > > ____________________________________________ > > > > Carson Hager > > Cynergy Systems, Inc. > > http://www.cynergysystems.com <http://www.cynergysystems.com> > <http://www.cynergysystems.com/ <http://www.cynergysystems.com/> > > > > > Email: carson.hager@ > > Office: 866-CYNERGY > > Mobile: 1.703.489.6466 > > > > > > > > ________________________________ > > > > From: flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> > [mailto:flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> > ] On > > Behalf Of tobiaspatton > > Sent: Wednesday, November 22, 2006 5:05 PM > > To: flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> > > Subject: [flexcoders] crossdomain file and ports > > > > > > > > Hello list; > > > > Here's my problem. I have written a Flex application that communicates > > > with an XML-RPC server on port 9998. I want to host the SWF file on a > > different server, and serve it on port 80. The XML-RPC server does not > > > support the HTTP GET method, so I cannot deliver a crossdomain.xml > > file on port 9998. However, there is a web server on the machine > > hosting the XML-RPC server, so it can serve the crossdomain.xml file > > on port 80. > > > > My question is this: if server A provides a crossdomain.xml file on > > port 80, does that extend permission for an SWF file to connect on > > port 9998? I.e. can I call Security.loadPolicy > > ( "http://server:80/crossdomain.xml <http://server:80/crossdomain.xml> > <http://server:80/crossdomain.xml <http://server:80/crossdomain.xml> > " > > ) and expect my HTTPService that > > uses http://server:9998/RPC2 <http://server:9998/RPC2> > <http://server:9998/RPC2 <http://server:9998/RPC2> > to work? > > > > Thanks. > > Tobias. > > >