Dawn, this can be a thorny challenge. You should confirm first that that file is indeed being requested on the server. You can see that on the server in the web server log. It may be looking for it in a directory other than where you put it.
Also, you can confirm that the client is really requesting it, and whether it's getting it, using a client proxy like Fiddler, Charles, etc. (More on those at http://www.cf411.com/#proxy.) If it is indeed being requested, you would also want to make sure that the web server is responding with a 200, not a 304 (because it may think it's not been modified). Similarly, if you're testing things yourself after making the change to the file, you should make sure to force the browser to go reload that file, as you (your Flex client app) may be seeing a cached version of the xml file. It may be that it works fine now for other users, just not for you because it's still getting a cached version for you. Again, a proxy or the web server status codes can help confirm that, too. Hope that helps. /charlie From: [email protected] [mailto:[email protected]] On Behalf Of Dawn Hoagland Sent: Wednesday, March 24, 2010 4:05 PM To: [email protected] Subject: [ACFUG Discuss] Flex, Flash Security and crossdomain.xml Background: We are running ColdFusion8 in a multi-server configuration under IIS. We have an application where we are attempting to allow our customer access through a proxy server. The domain of our internal server (for discussion sake) is dev.company1.org. The domain they are coming from is test.company2.com. We receive the following error: Channel.Security.Error error Error #2048: Security sandbox violation: https://test.company2.com/system/app/bin/index.swf cannot load data from https://dev.company1.org/flex2gateway/. url: 'https://dev.company1.org/flex2gateway/' All of my searches point to needing to add a crossdomain.xml policy file. I've created one (see below) that should allow any connection and placed it at the web root. Am I missing something completely? ----- begin crossdomain.xml ----- <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd";> <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allow-http-request-headers-from domain="*" headers="*" secure="false" /> </cross-domain-policy> ---- end crossdomain.xml --- Thanks! Dawn ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
