Hi All,
Can anyone please help clarify how to implement and support a
'non-master' socket policy file my head is spinning after reading all
the adobe docs. My current understanding is as follows: ( I need to
task server team to help with this one and need to make sure I have it
right before tasking )
1. Write a crossdomain.xml policy file and place it in the root of the
server listening to the same port as the socket connections. For
example:
<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*" to-ports="80" />
<allow-http-request-headers-from domain="*" headers="*" />
<site-control permitted-cross-domain-policies="by-content-type"/>
</cross-domain-policy>
2. Edit Apache to return the appropriate content-type for the
crossdomain.xml. For example:
<Location /crossdomain.xml>
ForceType text/x-cross-domain-policy
</Location>
3. Update your server side script to detect a policy file request. For
example: //TODO
- have script read the string <policy-file-request/> followed by a
NULL byte and return the crossdomain.xml content as text. Note: Flash
Player sends the string <policy-file-request/> followed by a NULL byte
to the port where it is requesting a policy file; no more, no less.
- If request does not contain the <policy-file-request/> then honor
the requested resource and return the appropriate response(s) the
client is expecting
- ALL none policy file requests must add a header XXX (cant seem to
find this ref)
4. Update your ActionScript to load the policy file before you atempt
a socket connection. For example:
Security.loadPolicyFile("http://10.0.2.30:80/crossdomain.xml";);
Am I missing anything. What headers must be set for each socket
connection response?
Any help is much appreciated!
Thanks,
Greg
