I think you will need that new thingy, hold on...yeah, <site-control permitted-cross-domain-policies="master-only"/>
And maybe: <allow-http-request-headers-from domain="*" headers="*" /> I'm clucking fooless about what they mean, and you probably don't want so many "*" in a production environment, so you might want to see the FlashPlayer security whitepapers. Also, the crossdomain file goes on the server that is serving the *data* or other asset, not on the one that is serving the application swf. Tracy ________________________________ From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Erin Sent: Friday, June 06, 2008 1:10 PM To: [email protected] Subject: [flexcoders] Crossdomain Policy Problems Hello, Per updating to the new flash player; my server admin and I have been having a heck of a time trying to get the new crossdomain policy working. Right now we don't need any security on the policy, since it's being called from two internal domains. The file itself is residing in the root web directory of the flash files, and it is trying to access a web service under a different domain. Prior to the new crossdomain update, the policy was working fine, so I do not believe it is the location of the file itself. We are trying to use just a generic policy: <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd <http://www.adobe.com/xml/dtds/cross-domain-policy.dtd> "> <cross-domain-policy> <site-control permitted-cross-domain-policies="all"/> <allow-access-from domain="*"/> </cross-domain-policy> Any ideas what could be causing problems? Thanks :)
