Thanks for your response...I have a full access cross domain on my server and loading it via Security.loadPolicyFile() does nothing as well. Hmm...
<cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> --- In flexcoders@yahoogroups.com, å`¨æ¯å® <[EMAIL PROTECTED]> wrote: > > When you use a socket or xmlsocket in a remote swf file, > flashplayer would send a policy-request to the server. > Check > http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_04.html > > When you run it locally, flashplayer won't do this. > > I'm not sure if this is the reason. > Maybe you should call Security.loadPolicyFile() yourself and let the > server give it a correct respond. > > > Josh McDonald wrote: > > > > It sounds to me like your server is simply holding the connection for > > a few seconds in order to prevent brute-force password attacks. > > > > -Josh > > > > On Wed, Jun 11, 2008 at 6:23 AM, e_baggg <[EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > This is baffling me. For authentication reasons, I am doing all my > > HTTP traffic via a custom flash.net.Socket where I create and parse > > the HTTP request/response myself (using Digest authorization). > > Everything works fine when I run the generated html/swf files locally, > > but once I deploy them to the unprotected part of a webserver, the > > response connection is not dropped by the server for several seconds. > > I do a GET and receive the 401 immediately...send the same GET request > > again with the Digest info. I receive the correct response from the > > server immediately but the socket is not closed for 4 seconds by the > > server. Has anyone seen this? > > > > I have "Connection: close" in my request but the socket is still kept > > open. If I access this URI via browser URL bar, the delay is not > > there. I sniffed the packets and even if I mimic the request String > > exactly, the socket still hangs for 4 seconds. I suspect I am not > > closing the socket request, though '\r\n\r\n' seems to be the standard > > (and it works when it runs locally). Any ideas??? > > > > Here is my exact request that hangs though the 200 response is > > received immediately: > > > > GET /myapp/mydata.xml HTTP/1.1\r\n > > Host: www.mydomain.com <http://www.mydomain.com>\r\n > > Content-Type: application/x-www-form-urlencoded\r\n > > Keep-Alive: 1\r\n > > Connection: close\r\n > > Cookie: JSESSIONID=8CCB32BBEDB875F082709FE17AA93679;\r\n > > Authorization: Digest username="user1", realm="MYAPP", > > nonce="MTIxMzEyODYwOTE0MDo1Njg5NTllYTUxMDYyN2VmNGNmMjViMTA4MDFiMDRjMA==", > > uri="/myapp/mydata.xml", response="1175bbe7d5840a0d94fb5de3ef16a2a3", > > qop=auth, nc=1, cnonce="0a4f113b"\r\n\r\n > > > > > > > > > > -- > > "Therefore, send not to know For whom the bell tolls. It tolls for thee." > > > > :: Josh 'G-Funk' McDonald > > :: 0437 221 380 :: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > >
