That's it ;) There is already a crossdomain.xml in $red5-home/webapps/root/ directory. So, I added this line to crossdomain.xml to allow access from the client application domain. <allow-access-from domain="myapplication.com.tr"/> Now everthing seems fine, thanks all of you. Regards
2010/5/10 Max Carlson <[email protected]> > I'm pretty sure it's a security issue. From the Flash 9 security > whitepaper: > >> The URL policy file is located, by default, in the root directory of the >> target server, with the name crossdomain.xml (for example, at >> www.example.com/crossdomain.xml). Flash application developers can >> specify another location by calling the ActionScript loadPolicyFile() >> method. The URL policy file located in the root directory is referred to as >> the master policy file. >> The scope of the permissions defined in a URL policy file includes all >> resources within the directory and within nested subdirectories. Policy >> files are only able to grant access to a resource; they cannot restrict >> access. The search order of the policy files does not need to be >> well-defined, because there is no precedence among them. If a resource is >> within the scope of more than one policy file, any one of the policy files >> may grant access. >> Note: There are two distinct (basically unrelated) controls that apply to >> cross-domain actions that might be confused: URL policy files (covered here) >> are managed by domain administrators to allow network access to data; the >> ActionScript allowDomain() method is specified by authors to allow >> client-side cross-domain scripting (see “Developer controls” on page 33). >> When a domain is specified in a URL policy file, the site declares that it >> is willing to allow the operators of any servers in that domain to obtain >> any document on the server where the policy file resides. Often this is the >> effect that you want. For example, if a site serves only public documents >> from a particular server, the site should have no qualms about who can >> obtain documents on that server, because anyone can simply visit the server >> and download files that they want. In this situation, it is safe to open the >> server to all domains (use of a single asterisk "*" as a pure wildcard is >> supported): >> <cross-domain-policy> <allow-access-from domain="*" /> >> </cross-domain-policy> >> > > Let me know how it goes! > > Regards, > Max Carlson > OpenLaszlo.org > > > On 5/10/10 10:06 AM, cem sonmez wrote: > >> using in oninit of the canvas : >> flash.system.Security.allowDomain("*"); >> >> I am not sure if it is a cross-domain issue. >> Maybe someone point me where should have have a look. >> Regards >> >> >> 2010/5/10 Peter Brand <[email protected] >> <mailto:[email protected]>> >> >> >> Could it be a cross-domain problem? >> Sorry, if this is a silly thought >> >> >> ------------------------------------------------------------------------ >> *From:* [email protected] >> <mailto:[email protected]> >> [mailto:[email protected] >> <mailto:[email protected]>] *On Behalf Of *cem sonmez >> *Sent:* Monday, May 10, 2010 4:17 PM >> *To:* Raju Bitter >> *Cc:* [email protected] <mailto:[email protected]> >> >> *Subject:* Re: [Laszlo-user] unable to refer to a jsp on the FMS >> applicationfrom the swf on the web server >> >> I looked at the HTTP headers but for the 4. case, there is not any >> response header when the expected action performed. >> Everything seems fine for the first three case. I can see the xml >> content that is coming from jsp clearly. >> Do you have any idea about that? >> Thanks >> >> 2010/5/10 Raju Bitter <[email protected] >> <mailto:[email protected]>> >> >> >> Did you look into the HTTP response headers? What are you seeing >> there? >> >> >> On Mon, May 10, 2010 at 2:37 PM, cem sonmez >> <[email protected] <mailto:[email protected]>> wrote: >> >> Hi all >> I am not sure that if this is an openlaszlo issue. But >> anyway, someone here may help me to work out this problem. >> >> At first, the following problem just occurs if I deploy the >> swf application on the web server and run the application on >> the web. >> There is a red5 server application and at the openlaszlo >> side, one local dataset refers to a JSP on the server >> application and gets a xml result. >> Then a grid uses this dataset as the datapath. >> >> <dataset name="dset" id="dset" type="http" querytype="POST" >> src="http://server-static-ipv4-address:5080/fi6en/myjsp.jsp"; >> autorequest="true"/> >> <grid name="videoGrid" >> datapath="local:classroot.dset:/videos" >> contentdatapath="video" /> >> >> [1]- When I run the lzx on the browser like : >> >> http://localhost:8080/lps-4.7.2/workspace-laszlo/client/fi6en.lzx?lzr=swf10&debug=true >> < >> http://localhost:8080/lps-4.7.2/workspace-laszlo/client/fi6en.lzx?lzr=swf10&debug=true >> > >> Dataset gets the xml with no problem. OK >> [2]- When I run the swf which has been generated by using >> "solo deploy" of openlaszlo developer console, like >> file:///home/cem/Desktop/client/fi6en.lzx.swf10.swf >> Dataset gets the xml with no problem. OK >> [3]- When I run the application on localhost without >> changing nothing on [2], like >> http://localhost/client/fi6en.lzx.swf10.swf >> Dataset gets the xml with no problem. OK >> >> [4]- When I run the application on the web without changing >> nothing on [2], like >> http://fi6en.comu.edu.tr/client/fi6en.lzx.swf10.swf >> *Dataset can not get the xml from jsp. FAILS* >> I get no errors on the server application console. >> >> Even I canT reason anything, got stuck here. >> Did any of you faced such like problem before? >> Thanks >> Kind regards >> >> -- >> Cem SONMEZ >> >> >> >> >> >> -- >> Cem SONMEZ >> >> >> >> >> -- >> Cem SONMEZ >> > -- Cem SONMEZ
