Okay I've gotten the server folks to allow me to serve my own crossdomain.xml file. How do I craft a crossdomain policy file that will allow the swf (served via http) to access data served via https within the same domain?
Here's my error: 2048: Security sandbox violation: http://example.com/media/swf/game.swf cannot load data from https://example.com/secure/game/direct_payment. I've tried this: <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM 'http://www.adobe.com/xml/dtds/cross-domain-policy.dtd'> <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> I've also tried this: <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="all"/> <allow-access-from domain="www.example.com"/> <allow-access-from domain="example.com"/> <allow-access-from domain="stage.example.com"/> <allow-access-from domain="www.stage.example.com"/> <allow-access-from domain="stage.example.com"/> <allow-access-from domain="http://stage.example.com"/> <allow-access-from domain="http://www.stage.example.com"/> <allow-access-from domain="https://stage.example.com"/> <allow-access-from domain="https://www.stage.example.com"/> <allow-access-from domain="http://example.com"/> <allow-access-from domain="http://www.example.com"/> <allow-access-from domain="https://example.com"/> <allow-access-from domain="https://www.example.com"/> </cross-domain-policy> Neither work. I've tried placing the policy file at root and in the /game folder. No Luck. Any ideas as to what I'm doing wrong here? Also, has anyone had luck getting policy file logging to work on osx? I've followed adobe's recipe but there seems to be no policyfiles.txt log file on my machine. thanks _______________________________________________ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders