Here's my crossdomain.xml file: <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd";> <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy>
So how is it, with EVERY domain allowed, I'm getting the same old "Connection to https://mydomain.com/flex2gateway/secureamf halted - not permitted from http://mydomain.com/myappfolder/myapp.swf";? Now, I've read some of the information on policy files... They mentioned something about setting secure="false" in the <allow-access-from> line if you're accessing https: data from an SWF file that was loaded with the http: protocol. I have two questions about that: 1) If I set secure="false" won't that negate the whole point of using a secure channel in the first place? I mean, why have a secure channel if you're going to set secure="false"?! (Further, if I put my actual domain in there instead of "*", setting secure="false" still gives me the Security Sandbox violation anyway... So what's the point, really? secure="false" doesn't seem to be what I want here.) 2) If I go ahead and set secure="false" and leave the domain="*", instead of getting the Security Sandbox violation, I'm getting a "Channel.Connect.Failed error NetConnection.Call.Failed: HTTP: Status 404: url: 'https://mydomain.com/flex2gateway/secureamf'" So HTTP 404, that's file-not-found... What file is it not finding? Did I mention that I truly despise dealing with network security? Especially when it won't work correctly. LOL Thanks, L.
