Can anyone help me with a Security Sandbox Violation that I can't seem to figure out? I'm testing using Flash Player 8 Debug version (IE7 ActiveX and Firefox 2.0.0.6 plugin). I'm trying to load a remote swf (http://xyz.a.server2.net/datadir/data.swf) from a web-hosted swf (http://www.server1.com/test/app.swf).
Here's where I'm at: - I added System.security.allowDomain("xyz.a.server2.net") to app.swf. - I added System.security.allowDomain("www.server1.com") to data.swf. - I created a cross-domain policy file (crossdomain_1.xml) and uploaded it to http://www.server1.com (root dir) with this entry: <allow-access-from domain="*.server2.net" /> - I created a cross-domain policy file (crossdomain_2.xml) and uploaded it to http://xyz.a.server2.net/datadir (I don't have access to the root of this server) with this entry: <allow-access-from domain="www.server1.com" /> - I added System.security.loadPolicyFile("http://xyz.a.server2.net/datadir/crossdomain _2.xml") to app.swf. - I added System.security.loadPolicyFile("http://www.server1.com/crossdomain_1.xml") to data.swf. - Then, in app.swf, I attempt to load data.swf using loadMovie("http://xyz.a.server2.net/datadir/data.swf", target_mc) - I publish app.swf for Player 8, AS2, and upload it to http://www.server1.com/test. - I publish data.swf for Player 8, AS2, and upload it to http://xyz.a.server2.net/datadir. Here's what I get in flashlog.txt when I test it using IE7: *** Security Sandbox Violation *** SecurityDomain 'http://www.server1.com/test/' tried to access incompatible context 'http://xyz.a.server2.net/datadir/crossdomain_2.xml' Here's what I get when using Firefox: *** Security Sandbox Violation *** SecurityDomain 'http://www.server1.com/test/app.swf' tried to access incompatible context 'http://xyz.a.server2.net/datadir/crossdomain_2.xml' FWIW, in my testing, I found that if I publish data.swf for Player 5, the error goes away in IE 7, but not in Firefox. What am I missing? I would think this should be pretty simple, as my code is pretty basic (ie, data.swf doesn't do anything right now, other than System.security.allowDomain and System.security.loadPolicyFile). Thanks, Shane _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com