What need I do to allow a SWF to access my web service? I have a web service
here:
https://data.expensify.com
I've configured it to respond with the absolute maximally-permissive
crossdomain.xml:
https://data.expensify.com/crossdomain.xml
HTTP/1.1 200 OK
Content-Type: text/x-cross-domain-policy
X-Permitted-Cross-Domain-Policies: all
Content-Length: 299
<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd";>
<allow-access-from domain="*"/>
<site-control permitted-cross-domain-policies="all"/>
</cross-domain-policy>
I have a SWF I'm hosting on http://127.0.0.1/Expensify.swf. I've configured my
mm.cfg to
enable policy-file logging, and it logs:
OK: Root-level SWF loaded: http://127.0.0.1/Expensify.swf
OK: Policy file accepted: https://data.expensify.com/crossdomain.xml
Error: Request for resource at https://data.expensify.com/xxxxxxxxx by
requestor from
http://127.0.0.1/Expensify.swf is denied due to lack of policy file permissions.
Any clues what I need to do? It was working just fine before, but now is
broken with the
switch to the latest Flash player.
Basically, how can I configure data.expensify.com to say "really, seriously,
*ANYBODY*
from *ANYWHERE* at *ANY TIME* can call me. *REALLY*."
-david
