OK -- I'll see where I might be able to redirect this.
While I'm fully aware of security restrictions -- I didn't expect to run into them when I'm fully in control of the server and fully in control of the client app. Making the necessary modifications ( i.e. recompiling the httpd server!) to respond to this one xmlsocket request on my http server "works", it just seems so unnecessary. Thanks for the input! On 5/31/07, Peter Farland <[EMAIL PROTECTED]> wrote:
This really is a question for the Flash Player team and is outside of the scope of Flex. I will note that, while I'm not on the Flash Player team, such decisions were made very intentionally. They're not randomly trying to make life difficult, they've deliberately set restriction for security reasons to avoid specific exploits. Pete ------------------------------ *From:* [email protected] [mailto:[EMAIL PROTECTED] *On Behalf Of *lieut_data *Sent:* Wednesday, May 30, 2007 2:59 PM *To:* [email protected] *Subject:* [flexcoders] Re: Socket Connection to Port 80 on Serving Host Essentially, the problem boils down to this: "If you want to connect to a socket on a different host than the one from which the connecting SWF file was served, or if you want to connect to a port lower than 1024 on any host, you must obtain an xmlsocket: policy file from the host to which you are connecting." ---http://livedocs.adobe.com/flex/2/langref/flash/net/Socket.html#connect () Why do I need to implement an XMLSocket server, to open a Socket to a service on my server that isn't an XMLSocket service? Why can't it get the information it needs from an HTTP resource? "A policy file obtained from an HTTP server implicitly authorizes socket access to all ports 1024 and above; any to-ports attributes in an HTTP policy file are ignored." --- http://livedocs.adobe.com/flex/2/docs/wwhelp/wwhimpl/common/html/wwhelp.htm?context=LiveDocs_Parts&file=00001952.html#145389 It seems as though the intent is to prevent the Flash player from communicating, using Sockets, to any standard HTTP server setup (port 80 open, nothing else). Why? -- Jesse Hallam University of Waterloo Junior --- In [email protected] <flexcoders%40yahoogroups.com>, "Jesse Hallam" <[EMAIL PROTECTED]> wrote: > > I'm surprised how many walls I've run into trying to solve this, fairly > simple problem. > > Essentially, I need to perform RPC style communication with the server > hosting the .swf. The server, which is also under my control, communicates > custom binary data over HTTP, expecting HTTP POST requests from the client. > Part of its response includes custom headers to indicate the status of the > request, with the body containing the raw binary data needed. > > Of course, neither the Flex HTTPService, URLLoader, or URLStream allow me to > parse custom response headers (not to mention setting some strange > restrictions on which headers I can transmit). Instead, I turned to Sockets > in the hopes of writing my own, more FLEXible HTTP client. > > Alas, I cannot seem to use Sockets to open a connection to port 80 on the > host serving the .swf. From the following documentation: > > http://livedocs.adobe.com/flex/2/docs/wwhelp/wwhimpl/common/html/wwhelp.htm?context=LiveDocs_Parts&file=00001952.html#145389 > > I learn several things: > > - Socket communication requires a socket policy file, distinct from a > document policy file > - A socket policy file must be obtained using the same communication > protocol as the socket (i.e. a socket opened on port 501 requires a > socket policy file from port 501) > - A socket policy file can be used to allow port access to ports < > 1024 > - A special syntax, 'xmlsocket://server:port/crossdomain.xml' can be > used to request a socket policy file from a different port > - Using loadPolicyFile and a standard document policy file, access to > ports > 1024 are implicitly enabled, and any 'to-ports' settings in the > configuration file are ignored. > > Basically, at the end of the day, I want a .swf served from a host to be > able to open socket connection on port 80 back to the server that hosted it > to do HTTP operations. I cannot seem to be able to do this unless I: > > - Open another port < 1024 to serve a socket policy file > - Modify the server to respond to the Flash request for a socket > policy file ( http://www.blog.lessrain.com/?p=512 ) > > > Why must it be so difficult to access the response headers from an HTTP > connection?! This isn't a crossdomain issue at all -- this is communication > with the very same host that served the .swf file in the first place. > > Has anyone managed to overcome this issue cleanly? > Any input from more experienced Flex coders? > > Any help would be greatly appreciated :) > > Reference post, that yielded inconclusive results: > http://tech.groups.yahoo.com/group/flexcoders/message/71730 > > -- > Jesse Hallam > University of Waterloo Junior > > "For scarcely for a righteous man will one die: yet peradventure for a good > man some would even dare to die. But God commendeth his love toward us, in > that, *while we were yet sinners*, Christ died for us. " (Romans 5:7, 8) >
-- Jesse Hallam University of Waterloo Junior "For scarcely for a righteous man will one die: yet peradventure for a good man some would even dare to die. But God commendeth his love toward us, in that, *while we were yet sinners*, Christ died for us. " (Romans 5:7, 8)
