[flexcoders] security sandbox violation in standalone player but not in browser
(sorry if this is a dupe, but the message I sent yesterday still hasn't posted to the list--they're usually up within minutes) Our application has been working fine in various browsers. I'm trying to get it to work in the standalone player (version 9 debug and 10 debug--same behavior--for Linux) for automated testing, but I'm hitting some security sandbox violations: *** Security Sandbox Violation *** Connection to http://localhost:8080/truviso/flex/main/../../foo halted - not permitted from http://localhost:8080/truviso/flex/main/main.swf This relative URL works just fine when loading the .swf through Firefox, IE, Safari, and Opera. We're using relative URLs because we need to be able to rename the webapp without rebuilding it. There's a crossdomain.xml file in truviso/crossdomain.xml and in the root with wide-open access (for now). Any ideas why the standalone player is unhappy with this relative URL? Anything I can do with respect to crossdomain.xml or other security configuration to get around this? Thanks, -- Maciek Sakrejda Truviso, Inc. http://www.truviso.com
[flexcoders] security sandbox violation in standalone player but not in browser
Our application has been working fine in various browsers. I'm trying to get it to work in the standalone player (version 9 debug and 10 debug--same behavior--for Linux) for automated testing, but I'm hitting some security sandbox violations: *** Security Sandbox Violation *** Connection to http://localhost:8080/truviso/flex/main/../../foo halted - not permitted from http://localhost:8080/truviso/flex/main/main.swf This relative URL works just fine when loading the .swf through Firefox, IE, Safari, and Opera. We're using relative URLs because we need to be able to rename the webapp without rebuilding it. There's a crossdomain.xml file in truviso/crossdomain.xml and in the root with wide-open access (for now). Any ideas why the standalone player is unhappy with this relative URL? Anything I can do with respect to crossdomain.xml or other security configuration to get around this? Thanks, -- Maciek Sakrejda Truviso, Inc. http://www.truviso.com
RE: [flexcoders] security sandbox violation in standalone player but not in browser
Might be a bug or subtle intended behavior. Read up on the security doc to see if it talks about that case. For sure, in local sandboxes, you can't back out to higher folders using ..\ so maybe that check runs in Standalone player. From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Maciek Sakrejda Sent: Tuesday, January 06, 2009 6:37 PM To: flexcoders Subject: [flexcoders] security sandbox violation in standalone player but not in browser Our application has been working fine in various browsers. I'm trying to get it to work in the standalone player (version 9 debug and 10 debug--same behavior--for Linux) for automated testing, but I'm hitting some security sandbox violations: *** Security Sandbox Violation *** Connection to http://localhost:8080/truviso/flex/main/../../foohttp://localhost:8080/truviso/foo halted - not permitted from http://localhost:8080/truviso/flex/main/main.swf This relative URL works just fine when loading the .swf through Firefox, IE, Safari, and Opera. We're using relative URLs because we need to be able to rename the webapp without rebuilding it. There's a crossdomain.xml file in truviso/crossdomain.xml and in the root with wide-open access (for now). Any ideas why the standalone player is unhappy with this relative URL? Anything I can do with respect to crossdomain.xml or other security configuration to get around this? Thanks, -- Maciek Sakrejda Truviso, Inc. http://www.truviso.com
