Just thought I'd update. After lots of digging - and tracing Flash player debug info - it turns out it's a completely different issue (after a fashion). The SWF is loading correctly, but the URL to "https://dev.company1.org/flex2gateway/'" isn't visible externally. So, indeed it couldn't load the gateway config. There was still a sandbox violation occurring because the REMOTE was trying to go to a different server - and that had to be resolved before the true issue hit me on the head - but part of the reason I couldn't get it to work is that both issues threw the exact same error message in the Flash player. It wasn't until I traced it that I noticed something was slightly different with the crossdomain.xml properly set.
This opens a completely different can of worms concerning what's wrong, how to fix it and implications of how some of these apps are/will be deployed. For future reference, if you include "allow-http-request-headers-from" in your crossdomain.xml file, you need to use domain names. If you remove that property (just setting the "allow-access-from"), setting domain="*" works and gives you a good start for troubleshooting..... Thanks for pointing me in the right direction! Dawn On Thu, Mar 25, 2010 at 3:21 PM, Dawn Hoagland <[email protected]>wrote: > I absolutely agree with all of you. We'll get it locked up tight - once we > get it working. I don't have direct access to the server so I'm working > with several people resolving the issue. > > I'll post back once we get it fixed with the resolution (it may help > someone else having the same issue). > > Thanks again! > > Dawn > > > On Thu, Mar 25, 2010 at 2:18 PM, Douglas Knudsen <[email protected] > > wrote: > >> couldn't agree more with Dean here, lock that thing up. >> >> http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html >> >> <http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html>This >> is a good ref on the topic. >> >> Also, I'd get Service Capture and verify that your SWF is indeed loading >> the proper crossdomain.xml file as well as other traffic. >> >> Douglas Knudsen >> [email protected] >> >> >> >> On Mar 25, 2010, at 11:41 AM, Dean H. Saxe wrote: >> >> FYI, opening up the cross domain policy to all sites is >> doubleplusungood. (Sorry for the 1984 reference!) Lock it down to >> the specific sites which need cross domain access, no more. >> >> -dhs >> >> -- >> Dean H. Saxe >> "A true conservationist is a person who knows that the world is not >> given by his fathers, but borrowed from his children." -- John James >> Audubon >> >> >> >> On Thu, Mar 25, 2010 at 7:39 AM, Robert Lash <[email protected]> wrote: >> >> Have you tested this with one domain or a static domain address? >> >> You might want to try that first to isolate the issues. >> >> >> I actually never got a crossdomain policy to work with the "*" all >> settings >> >> but was successful with static domain names. >> >> Robert Lash >> >> >> >> On Wed, Mar 24, 2010 at 4:05 PM, Dawn Hoagland <[email protected]> >> >> wrote: >> >> >> Background: >> >> We are running ColdFusion8 in a multi-server configuration under IIS. We >> >> have an application where we are attempting to allow our customer access >> >> through a proxy server. The domain of our internal server (for discussion >> >> sake) is dev.company1.org. The domain they are coming from is >> >> test.company2.com. >> >> >> We receive the following error: >> >> Channel.Security.Error error Error #2048: Security sandbox violation: >> >> https://test.company2.com/system/app/bin/index.swf cannot load data from >> >> https://dev.company1.org/flex2gateway/. url: >> >> 'https://dev.company1.org/flex2gateway/' >> >> >> All of my searches point to needing to add a crossdomain.xml policy file. >> >> I've created one (see below) that should allow any connection and placed >> it >> >> at the web root. >> >> >> Am I missing something completely? >> >> >> ----- begin crossdomain.xml ----- >> >> <?xml version="1.0" encoding="UTF-8"?> >> >> <!DOCTYPE cross-domain-policy SYSTEM >> >> "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd";> >> >> <cross-domain-policy> >> >> <allow-access-from domain="*" secure="false" /> >> >> <allow-http-request-headers-from domain="*" headers="*" secure="false" >> >> /> >> >> </cross-domain-policy> >> >> ---- end crossdomain.xml --- >> >> >> Thanks! >> >> >> Dawn >> >> >> >> >> >> ------------------------------------------------------------- >> To unsubscribe from this list, manage your profile @ >> http://www.acfug.org?fa=login.edituserform >> >> >> For more info, see http://www.acfug.org/mailinglists >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >> List hosted by http://www.fusionlink.com >> ------------------------------------------------------------- >> >> >> >> >> >
