Hi All,

Can anyone please help clarify how to implement and support a
'non-master' socket policy file my head is spinning after reading all
the adobe docs. My current understanding is as follows: ( I need to
task server team to help with this one and need to make sure I have it
right before tasking )

1. Write a crossdomain.xml policy file and place it in the root of the
server listening to the same port as the socket connections. For
example:

<?xml version="1.0" ?>
<cross-domain-policy>
  <allow-access-from domain="*"  to-ports="80" />
  <allow-http-request-headers-from domain="*" headers="*" />
  <site-control permitted-cross-domain-policies="by-content-type"/>
</cross-domain-policy>

2. Edit Apache to return the appropriate content-type for the
crossdomain.xml. For example:

<Location /crossdomain.xml>
  ForceType text/x-cross-domain-policy
</Location>

3. Update your server side script to detect a policy file request. For
example: //TODO

- have script read the string <policy-file-request/> followed by a
NULL byte and return the crossdomain.xml content as text. Note: Flash
Player sends the string <policy-file-request/> followed by a NULL byte
to the port where it is requesting a policy file; no more, no less.
- If request does not contain the <policy-file-request/> then honor
the requested resource and return the appropriate response(s) the
client is expecting
- ALL none policy file requests must add a header XXX (cant seem to
find this ref)

4. Update your ActionScript to load the policy file before you atempt
a socket connection. For example:

Security.loadPolicyFile("http://10.0.2.30:80/crossdomain.xml";);

Am I missing anything. What headers must be set for each socket
connection response?

Any help is much appreciated!

Thanks,

Greg

Reply via email to