websocket - secure web socket connection through flex generates a Security sandbox violation -


i'm trying connect secure web socket (wss://) using flex, , i'm getting security sandbox viloation error.

the full error message following:

*** security sandbox violation *** connection foo.bar:8443 halted - not permitted https://foo.bar:8443/foo/foo-html/main.swf security error: [securityerrorevent type="securityerror" bubbles=false cancelable=false eventphase=2 text="error #2048: security sandbox violation: https://foo.bar.com:8443/foo/foo-html/main.swf cannot load data come2play.xpogames.com:8443."]

connection failure: error #2048: security sandbox violation: https://foo.bar.com:8443/foo/bar-html/main.swf cannot load data foo.bar.com:8443. websocket closed.

the browser i'm trying use firefox 20.0.1.

i created javascript client connects same address using wss:// protocol on port 8443 , connected fine.

i included crossdomain.xml file in under root directory of tomcat flex application able load it. content of crossdomain.xml file follows:

<?xml version="1.0"?> <cross-domain-policy>     <allow-access-from domain="*" secure="false" />         <allow-http-request-headers-from domain="*" headers="*"/> </cross-domain-policy>

i checked firebug , noticed crossdomain.xml file loaded properly.

i tried specify manually location of crossdomain.xml file using 

flash.system.security.loadpolicyfile("{url crossdomain.xml file on ssl virtual root}");

but got same results.

i tried different configuration variations in crossdomain.xml. example secure="yes", tried specify ports used, nothing worked, got security sandbox violation.

i know mms.cfg file may have disablesockets = 1 directive turned on not have such file in system. i'm on linux gentoo.

the funny thing system on same domain , same port websockets are!

it's facebook application sit's on apps.facebook.com/foo example.. , canvas page example foo.bar.com:8443

and secure web socket address wss://foo.bar.com:8443! don't understand why need deal cross domain in first place!

any information regarding issue appreciated!

thank you

i installed http://code.google.com/p/flashpolicyd/

it opens server on port 843 servers poilcy file per request. have policy file there accepts every host , every port, need modify according needs.

then need in flex code point policy file address using xmlsocket:// protocol. 

    security.loadpolicyfile("xmlsocket://hostname:843");

that's it!


Comments

Post a Comment