Also be aware that there are a couple additional lines required in the crossdomain file in some circumstances, especially for webservce:
<site-control permitted-cross-domain-policies="master-only"/> <allow-http-request-headers-from domain="*" headers="*"/> I'm with you on despising the constraints of security. But resistance is futile. Tracy Spratt, Lariat Services, development services available _____ From: [email protected] [mailto:[email protected]] On Behalf Of Laurence Sent: Saturday, February 20, 2010 12:28 AM To: [email protected] Subject: [flexcoders] Re: Still getting Security Sandbox violations... Ok -- I figured out #2 below... "flex.messaging.endpoints.SecureAMFEndpoint" in the services-config.xml file only belongs there in ColdFusion 8. For ColdFusion 9 it's different: "coldfusion.flash.messaging.SecureCFAMFEndPoint" (Warren's message earlier said my endpoints were funky -- I'm guessing he's using CF8.) So I changed it, and now I'm not getting the 404 error. But I still want to know about the secure="false" tag. Will setting that prevent my channel from being secure? Yet setting it seems to be the only way I can access my data, which is very stupid if that's going to un-secure my channel. I mean, what's the point? Thanks, L. --- In flexcod...@yahoogro <mailto:flexcoders%40yahoogroups.com> ups.com, "Laurence" <lmacne...@...> wrote: > 2) If I go ahead and set secure="false" and leave the domain="*", instead of getting the Security Sandbox violation, I'm getting a "Channel.Connect.Failed error NetConnection.Call.Failed: HTTP: Status 404: url: 'https://mydomain. <https://mydomain.com/flex2gateway/secureamf> com/flex2gateway/secureamf'" So HTTP 404, that's file-not-found... What file is it not finding?
