I'm at a loss. I can't figure out why Flash is not loading my policy file properly. I'm testing this from the Flash Debugger.
I've also tried from http://127.0.0.1:80/game (it sends a request to http://127.0.0.1:3014/socket.io/1/).
Security.loadPolicyFile('xmlsocket://127.0.0.1:843'); var r:URLRequest = new URLRequest(); r.url = httpProtocal+"://" + domain + "/socket.io/1/?time=" + new Date().getTime(); r.method = URLRequestMethod.POST; var ul:URLLoader = new URLLoader(r); ul.addEventListener(Event.COMPLETE, onDiscover); ul.addEventListener(HTTPStatusEvent.HTTP_STATUS, onDiscoverError); ul.addEventListener(IOErrorEvent.IO_ERROR , onDiscoverError);
The error:
> webSocketLog: policy file: xmlsocket://127.0.0.1:843 Error #2044:
> Unhandled securityError:. text=Error #2048: Security sandbox
> violation: file:///ude/game/bin-release/Game.swf cannot load data from
> http://127.0.0.1:3014/socket.io/1/?time=1359025067289. at
> com.pnwrain.flashsocket::FlashSocket()
Yet this works:
> echo -ne '<policy-file-request/>\0' | nc -v 127.0.0.1 843
Connection to 127.0.0.1 843 port [tcp/*] succeeded!
<?xml version='1.0' ?>
<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
<cross-domain-policy>
<allow-access-from domain='*' to-ports='*' />
</cross-domain-policy>
Specifying the absolute path to the crossdomain.xml doesn't work either. I can load this file in my browser.
> webSocketLog: policy file: http://127.0.0.1:843/crossdomain.xml
> Error #2044: Unhandled securityError:. text=Error #2048: Security
> sandbox violation: file:///ude/game/bin-release/Game.swf cannot load
> data from http://127.0.0.1:3014/socket.io/1/?time=1359025126138. at
> com.pnwrain.flashsocket::FlashSocket()
Not even this works (solution from a very popular blog post):
import flash.system.Security;
Security.allowDomain("http://127.0.0.1");
Here's the debugger policy file log:
> OK: Root-level SWF loaded:
> file:///ude/game/bin-release/Game.swf
> OK: Searching for <allow-access-from> in policy files to authorize
> data loading from resource at
> http://127.0.0.1:3014/socket.io/1/?time=1359026453454 by requestor
> from
> file:///ude/game/bin-release/Game.swf
> Error: [strict] Ignoring policy file at
> http://127.0.0.1:3014/crossdomain.xml due to missing Content-Type.
> See http://www.adobe.com/go/strict_policy_files to fix this problem.
> Error: Request for resource at
> http://127.0.0.1:3014/socket.io/1/?time=1359026453454 by requestor
> from
> file:///ude/game/bin-release/Game.swf
> is denied due to lack of policy file permissions. Warning: HTTP
> response headers not available on this platform. Strict policy file
> rules cannot be enforced. OK: Policy file accepted:
> http://127.0.0.1:843/crossdomain.xml
The interesting part here is that the OK: Policy file accepted message comes AFTER the errors, even though I'm calling:
Security.loadPolicyFile('http://127.0.0.1:843/crossdomain.xml');
before the URLRequest. So I moved the URLRequest into a setTimeout, and now the log says:
> OK: Root-level SWF loaded:
> file:///ude/game/bin-release/Game.swf
> Warning: HTTP response headers not available on this platform. Strict
> policy file rules cannot be enforced. OK: Policy file accepted:
> http://127.0.0.1:843/crossdomain.xml OK: Searching for
> <allow-access-from> in policy files to authorize data loading from
> resource at http://127.0.0.1:3014/socket.io/1/?time=1359028255268 by
> requestor from
> file:///ude/game/bin-release/Game.swf
> Error: [strict] Ignoring policy file at
> http://127.0.0.1:3014/crossdomain.xml due to missing Content-Type.
> See http://www.adobe.com/go/strict_policy_files to fix this problem.
So, it seems to have loaded the 843 policy file fine, but then tries to load the port 3014 policy file (maybe checking for a sub-policy file?). Which is just a socket.io HTML page saying 'Welcome to socket.io'. It doesn't seem like it should fail for that reason..
I get this in the debugger alert:
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: file:///ude/game/bin-release/Game.swf cannot load data from http://127.0.0.1:3014/socket.io/1/?time=1359028255268.
at MethodInfo-3642()
at Function/http://adobe.com/AS3/2006/builtin::apply()
at SetIntervalTimer/onTimer()
at flash.utils::Timer/_timerDispatch()
at flash.utils::Timer/tick()
Any ideas much appreciated. Thank you!
I am not pro at policy files but this looks suspicious:
Error: [strict] Ignoring policy file at
http://127.0.0.1:3014/crossdomain.xmldue to missing Content-Type. See http://www.adobe.com/go/strict_policy_files to fix this problem.
Seems like policy file is ignored because it has no or invalid Content-Type header.
From Adobe:
Starting in version 9,0,115,0, Flash Player will ignore any HTTP policy file that is not sent with a Content-Type value that gives some assurance that the file is intended to be a text file. Flash Player requires that a policy file's Content-Type must be one of the following:
text/* (any text type)application/xmlorapplication/xhtml+xml
And this:
If you find that you need to solve a Content-Type issue, be sure to also consult the section on meta-policies, because a common way to choose a meta-policy is to designate the special Content-Type of
text/x-cross-domain-policyfor all policy files, which may solve two problems at once—establishing a meta-policy and providing a textual Content-Type.
Also check you server why HTTP response headers are not available:
Warning: HTTP response headers not available on this platform. Strict policy file rules cannot be enforced.
Hope this helps.