Re: [flexcoders] Security Sandbox Violation for module accessing localhost rest service in dev
Use a testing server, don’t run from file:// On 2/2/12 9:45 AM, Greg Lafrance glafra...@chikaradev.com wrote: Our app has a main module with link button, and clicking each link button loads different modules in the main content area. For only one module, we get a Security Sandbox Violation when we try to do a multipart post of image data. I can't find anything significantly different about this module, other modules do multipart posts fine. I have added thre SWF and various folders (such as containing folder, its parent, etc.) to flash player global settings, but no luck. We added a liberal cross domain file but still no luck. BTW, we are using ModuleLoader, should we try ModuleManager? Please help. *** Security Sandbox Violation *** Connection to http://localhost:PORTNUMBERHIDDEN/services/rest/mycompany/222/assetservice/asset?action=saveassetobjecttype=serviceOfferobjectid=5960User-Agent=flex3.0randomNum=1328144876976 halted - not permitted from file:///C:/Perforce/Main/Portal/main/bin-debug/serviceOffer-2.4.0.18-SNAPSHOT.swf -- Alex Harui Flex SDK Team Adobe Systems, Inc. http://blogs.adobe.com/aharui
Re: [flexcoders] *** Security Sandbox Violation ***
If you get that output but the application does not halt, then you can ignore it. If you want it to be sandboxed, then you can’t access things in it. You would not need a crossdomain.xml file. If you are using Flex 4, make sure you added the option –includes=mx.managers.systemClasses.MarshallingSupport On 8/31/10 10:34 PM, Yu, Deyang deyang...@citi.com wrote: I am building a Flex portal. Which has main application and several sub-applications. I am using sandboxed application. I do have crossdomain.xml defined in both main application and sub applications. And in the main application, I used the swfloader like : mx:SWFLoader id=couponApp width=100% height=100% loadForCompatibility=true trustContent=false complete=allowLoading() / But when I tried to loading the sub application, it always give Security Sandbox Violation error. The error is *** Security Sandbox Violation *** SecurityDomain 'http://localhost:8080/isw/Applications.html?debug=true' tried to access incompatible context 'http://127.0.0.1:8080/coupon/Coupon.swf' Anybody has any idea and suggestion? Where did I go wrong? -- Alex Harui Flex SDK Team Adobe System, Inc. http://blogs.adobe.com/aharui
RE: [flexcoders] *** Security Sandbox Violation ***
Alex, Thanks. In my local tomcat server, the application does not halt. But once I deployed it to Websphere in Solaris, the sub application cannot be loaded. All main application and sub applications are in the same domain, but with different context root. Server.com ip is 152.60.xxx.xxx Server.com/main/mainApp.swf Server.com/sub1/subApp1.swf Server.com/sub2/subApp2.swf User login from Server.com/main/mainApp, it will load subApp1.swf by using URL with ip 152.60.xxx.xxx/sub1/subApp1.swf Then this sub application cannot be loaded. But if user login from 152.60.xxx.xxx/main/mainApp.swf, then try to loading 152.60.xxx.xxx/sub1/subApp1.swf, then the sub app can be loaded. Any idea any where I should look into? Thanks and regards, Deyang From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 12:40 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** If you get that output but the application does not halt, then you can ignore it. If you want it to be sandboxed, then you can't access things in it. You would not need a crossdomain.xml file. If you are using Flex 4, make sure you added the option -includes=mx.managers.systemClasses.MarshallingSupport On 8/31/10 10:34 PM, Yu, Deyang deyang...@citi.com wrote: I am building a Flex portal. Which has main application and several sub-applications. I am using sandboxed application. I do have crossdomain.xml defined in both main application and sub applications. And in the main application, I used the swfloader like : mx:SWFLoader id=couponApp width=100% height=100% loadForCompatibility=true trustContent=false complete=allowLoading() / But when I tried to loading the sub application, it always give Security Sandbox Violation error. The error is *** Security Sandbox Violation *** SecurityDomain 'http://localhost:8080/isw/Applications.html?debug=true' tried to access incompatible context 'http://127.0.0.1:8080/coupon/Coupon.swf' Anybody has any idea and suggestion? Where did I go wrong? -- Alex Harui Flex SDK Team Adobe System, Inc. http://blogs.adobe.com/aharui
Re: [flexcoders] *** Security Sandbox Violation ***
Which version of Flex are you using? On 9/1/10 9:50 AM, Yu, Deyang deyang...@citi.com wrote: Alex, Thanks. In my local tomcat server, the application does not halt. But once I deployed it to Websphere in Solaris, the sub application cannot be loaded. All main application and sub applications are in the same domain, but with different context root. Server.com ip is 152.60.xxx.xxx Server.com/main/mainApp.swf Server.com/sub1/subApp1.swf Server.com/sub2/subApp2.swf User login from Server.com/main/mainApp, it will load subApp1.swf by using URL with ip 152.60.xxx.xxx/sub1/subApp1.swf Then this sub application cannot be loaded. But if user login from 152.60.xxx.xxx/main/mainApp.swf, then try to loading 152.60.xxx.xxx/sub1/subApp1.swf, then the sub app can be loaded. Any idea any where I should look into? Thanks and regards, Deyang From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 12:40 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** If you get that output but the application does not halt, then you can ignore it. If you want it to be sandboxed, then you can’t access things in it. You would not need a crossdomain.xml file. If you are using Flex 4, make sure you added the option –includes=mx.managers.systemClasses.MarshallingSupport On 8/31/10 10:34 PM, Yu, Deyang deyang...@citi.com wrote: I am building a Flex portal. Which has main application and several sub-applications. I am using sandboxed application. I do have crossdomain.xml defined in both main application and sub applications. And in the main application, I used the swfloader like : mx:SWFLoader id=couponApp width=100% height=100% loadForCompatibility=true trustContent=false complete=allowLoading() / But when I tried to loading the sub application, it always give Security Sandbox Violation error. The error is *** Security Sandbox Violation *** SecurityDomain 'http://localhost:8080/isw/Applications.html?debug=true' tried to access incompatible context 'http://127.0.0.1:8080/coupon/Coupon.swf' Anybody has any idea and suggestion? Where did I go wrong? -- Alex Harui Flex SDK Team Adobe System, Inc. http://blogs.adobe.com/aharui
RE: [flexcoders] *** Security Sandbox Violation ***
SDK 3.3 From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 6:28 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** Which version of Flex are you using? On 9/1/10 9:50 AM, Yu, Deyang deyang...@citi.com wrote: Alex, Thanks. In my local tomcat server, the application does not halt. But once I deployed it to Websphere in Solaris, the sub application cannot be loaded. All main application and sub applications are in the same domain, but with different context root. Server.com ip is 152.60.xxx.xxx Server.com/main/mainApp.swf Server.com/sub1/subApp1.swf Server.com/sub2/subApp2.swf User login from Server.com/main/mainApp, it will load subApp1.swf by using URL with ip 152.60.xxx.xxx/sub1/subApp1.swf Then this sub application cannot be loaded. But if user login from 152.60.xxx.xxx/main/mainApp.swf, then try to loading 152.60.xxx.xxx/sub1/subApp1.swf, then the sub app can be loaded. Any idea any where I should look into? Thanks and regards, Deyang From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 12:40 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** If you get that output but the application does not halt, then you can ignore it. If you want it to be sandboxed, then you can't access things in it. You would not need a crossdomain.xml file. If you are using Flex 4, make sure you added the option -includes=mx.managers.systemClasses.MarshallingSupport On 8/31/10 10:34 PM, Yu, Deyang deyang...@citi.com wrote: I am building a Flex portal. Which has main application and several sub-applications. I am using sandboxed application. I do have crossdomain.xml defined in both main application and sub applications. And in the main application, I used the swfloader like : mx:SWFLoader id=couponApp width=100% height=100% loadForCompatibility=true trustContent=false complete=allowLoading() / But when I tried to loading the sub application, it always give Security Sandbox Violation error. The error is *** Security Sandbox Violation *** SecurityDomain 'http://localhost:8080/isw/Applications.html?debug=true' tried to access incompatible context 'http://127.0.0.1:8080/coupon/Coupon.swf' Anybody has any idea and suggestion? Where did I go wrong? -- Alex Harui Flex SDK Team Adobe System, Inc. http://blogs.adobe.com/aharui
Re: [flexcoders] *** Security Sandbox Violation ***
I just noticed it is the HTML wrapper trying to talk to the child SWF. The child SWF should not be using BrowserManager, HistoryManager and ExternalInterface APIs. Try setting historyManagementEnabled=false on the application. On 9/1/10 5:44 PM, Yu, Deyang deyang...@citi.com wrote: SDK 3.3 From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 6:28 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** Which version of Flex are you using? On 9/1/10 9:50 AM, Yu, Deyang deyang...@citi.com wrote: Alex, Thanks. In my local tomcat server, the application does not halt. But once I deployed it to Websphere in Solaris, the sub application cannot be loaded. All main application and sub applications are in the same domain, but with different context root. Server.com ip is 152.60.xxx.xxx Server.com/main/mainApp.swf Server.com/sub1/subApp1.swf Server.com/sub2/subApp2.swf User login from Server.com/main/mainApp, it will load subApp1.swf by using URL with ip 152.60.xxx.xxx/sub1/subApp1.swf Then this sub application cannot be loaded. But if user login from 152.60.xxx.xxx/main/mainApp.swf, then try to loading 152.60.xxx.xxx/sub1/subApp1.swf, then the sub app can be loaded. Any idea any where I should look into? Thanks and regards, Deyang From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Alex Harui Sent: Wednesday, September 01, 2010 12:40 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] *** Security Sandbox Violation *** If you get that output but the application does not halt, then you can ignore it. If you want it to be sandboxed, then you can’t access things in it. You would not need a crossdomain.xml file. If you are using Flex 4, make sure you added the option –includes=mx.managers.systemClasses.MarshallingSupport On 8/31/10 10:34 PM, Yu, Deyang deyang...@citi.com wrote: I am building a Flex portal. Which has main application and several sub-applications. I am using sandboxed application. I do have crossdomain.xml defined in both main application and sub applications. And in the main application, I used the swfloader like : mx:SWFLoader id=couponApp width=100% height=100% loadForCompatibility=true trustContent=false complete=allowLoading() / But when I tried to loading the sub application, it always give Security Sandbox Violation error. The error is *** Security Sandbox Violation *** SecurityDomain 'http://localhost:8080/isw/Applications.html?debug=true' tried to access incompatible context 'http://127.0.0.1:8080/coupon/Coupon.swf' Anybody has any idea and suggestion? Where did I go wrong? -- Alex Harui Flex SDK Team Adobe System, Inc. http://blogs.adobe.com/aharui
Re: [flexcoders] Security sandbox violation
Please correct me if I'm wrong, but I think that if you launch it in standalone player, you shouldn't get the security error, well, maybe for system or read-only files, or, maybe due to other system restrictions, but generally it should just work...
Re: [flexcoders] Security sandbox violation
Yes, that's what I'm seeing with both URLLoader and HTTPService. So I guess my question becomes: How do you debug this stuff in FB ? On Mon, May 24, 2010 at 12:18 PM, Oleg Sivokon olegsivo...@gmail.comwrote: Please correct me if I'm wrong, but I think that if you launch it in standalone player, you shouldn't get the security error, well, maybe for system or read-only files, or, maybe due to other system restrictions, but generally it should just work...
Re: [flexcoders] Security sandbox violation
Sorry, are you running it in standalone player or in browser? There shouldn't be a problem if you run it in standalone player.
Re: [flexcoders] Security sandbox violation
Potentially both. The client wishes to host it on a web server (with no app server/db access) but it could also get run from the desktop, unless we provide the wrapper as part of our solution. The browser version is required. On Mon, May 24, 2010 at 12:48 PM, Oleg Sivokon olegsivo...@gmail.comwrote: Sorry, are you running it in standalone player or in browser? There shouldn't be a problem if you run it in standalone player.
Re: [flexcoders] Security sandbox violation
And both seem to work when I'm launching from the desktop, but not from the debugger. On Mon, May 24, 2010 at 1:19 PM, Richard Rodseth rrods...@gmail.com wrote: Potentially both. The client wishes to host it on a web server (with no app server/db access) but it could also get run from the desktop, unless we provide the wrapper as part of our solution. The browser version is required. On Mon, May 24, 2010 at 12:48 PM, Oleg Sivokon olegsivo...@gmail.comwrote: Sorry, are you running it in standalone player or in browser? There shouldn't be a problem if you run it in standalone player.
Re: [flexcoders] Security sandbox violation
Not sure I get it, how do you launch that from debugger? There are several options available in FB (and few more in SDK and in alternative debuggers), you can launch in browser, and if you have debug player installed there, it will start the debugger client in FB, or, you can launch in standalone debugger player, it's hard to tell which player exactly FB will use, but most often it will pick the one from your SDK, and that will be a debug player, so that again it will connect back to the debugger client in FB. One more option to debug is by launching fdb commandline debugger... On the other hand, if you don't launch that in debug player, how do you know there aren't errors?
Re: [flexcoders] Security sandbox violation
It's possible I have multiple players on my system, and FB is using a different one. By launch, I just meant using the Run/Launch button within FB as opposed to finding the wrapper html in the Finder and opening it. On Mon, May 24, 2010 at 2:04 PM, Oleg Sivokon olegsivo...@gmail.com wrote: Not sure I get it, how do you launch that from debugger? There are several options available in FB (and few more in SDK and in alternative debuggers), you can launch in browser, and if you have debug player installed there, it will start the debugger client in FB, or, you can launch in standalone debugger player, it's hard to tell which player exactly FB will use, but most often it will pick the one from your SDK, and that will be a debug player, so that again it will connect back to the debugger client in FB. One more option to debug is by launching fdb commandline debugger... On the other hand, if you don't launch that in debug player, how do you know there aren't errors?
Re: [flexcoders] Security sandbox violation
When you click launch it may either launch in browser or in standalone player. Which one does it launch?
Re: [flexcoders] Security sandbox violation
Standard behavior in FB is to launch in browser (the html-wrapper folder gets copied to bin-debug with template items filled in. I'm guessing you aren't an FB user - I'm not away of any other way to launch from within FB. On Mon, May 24, 2010 at 3:14 PM, Oleg Sivokon olegsivo...@gmail.com wrote: When you click launch it may either launch in browser or in standalone player. Which one does it launch?
Re: [flexcoders] Security sandbox violation
Well, I am, but I usually compile with Ant and launch the player from the build script. So, I really didn't remember which are the default settings. Well, that's not really related. In your case you'd need to configure the builder to launch whatever it compiles in the run configuration follow these steps: http://livedocs.adobe.com/flex/3/html/help.html?content=compile_debug_4.html#149153 they shouldn't be very different if you have FB4. Best. Oleg
Re: [flexcoders] Security sandbox violation
Uh oh. So there appears to be a Safari/Firefox difference. I was launching Safari when opening the html file in the Finder, and Firefox in Eclipse. Whichever way I launch (fb or Finder), I get the security error in Firefox, and not in Safari. Sorry for the confusion. So now I'm back to wondering if my approach is incorrect, whether I need a crossdomain.xml etc etc. To recap: I just need a folder with a swf, wrapper html and external data file. Might be hosted on the web, or e-mailed to someone. I'll read up more about security, but if anyone has tips about this scenario, I'd appreciate them. On Mon, May 24, 2010 at 3:37 PM, Oleg Sivokon olegsivo...@gmail.com wrote: Well, I am, but I usually compile with Ant and launch the player from the build script. So, I really didn't remember which are the default settings. Well, that's not really related. In your case you'd need to configure the builder to launch whatever it compiles in the run configuration follow these steps: http://livedocs.adobe.com/flex/3/html/help.html?content=compile_debug_4.html#149153 they shouldn't be very different if you have FB4. Best. Oleg
Re: [flexcoders] Security sandbox violation
No, it is different. If the SWF is embedded in HTML page, it requires that you specify the trusted locations on your machine, so it could load content: http://macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html Read carefully the text in gray under the picture. But, if you launch it in standalone player, then, I reckon, it should be able to access local files.
Re: [flexcoders] Security sandbox violation
Not sure I follow that page, but it appears that the -use-network=false compiler flag may be helpful for this scenario. If only FB allowed you to set different compiler options for different applications within a project. On Mon, May 24, 2010 at 4:11 PM, Oleg Sivokon olegsivo...@gmail.com wrote: No, it is different. If the SWF is embedded in HTML page, it requires that you specify the trusted locations on your machine, so it could load content: http://macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html Read carefully the text in gray under the picture. But, if you launch it in standalone player, then, I reckon, it should be able to access local files.
Re: [flexcoders] Security sandbox violation and BitmapDraw
Detach the NetStream from the video, draw it, attach the stream again - this bug exists ever since there was this security limitation, my forecast it's not going to be fixed in the upcoming year, so, you ought to be safe using that :D Best. Oleg
RE: [flexcoders] Security sandbox violation error after upgrade to SDK 3.2
For any run or just profiling? Normally the profiler swf shouldn't be in play. If a profiler session dies it can leave itself in the mm.cfg or whatever your OS equivalent is. Alex Harui Flex SDK Developer Adobe Systems Inc.http://www.adobe.com/ Blog: http://blogs.adobe.com/aharui From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Tim Hoff Sent: Tuesday, March 17, 2009 4:58 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation error after upgrade to SDK 3.2 Hi all, I just updated the Flex SDK to version 3.2, and am now getting a Security sandbox violation error everytime that I launch an AIR application from Eclipse. I was wondering if anyone else has run into this and might know of a fix. The stack trace is listed below. Thanks, -TH Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: file:///C|%2Fdev%2Fworkspace%2F.metadata%2F.plugins%2Fcom.adobe.flash.profiler%2FProfilerAgent.swf?host=localhostport=file:///\\C|%2Fdev%2Fworkspace%2F.metadata%2F.plugins%2Fcom.adobe.flash.profiler%2FProfilerAgent.swf?host=localhostport= cannot load data from localhost:. at ProfilerAgent()[C:\faramir\flex\sdk\modules\profiler3\as\ProfilerAgent.as:127] at runtime::ContentPlayer/loadInitialContent() at runtime::ContentPlayer/playRawContent() at runtime::ContentPlayer/playContent() at runtime::AppRunner/run() at global/runtime::ADLEntry()
Re: [flexcoders] *** Security Sandbox Violation *** ?
I'm confused, if the app runs fine, then what is the problem? Your getting a sandbox error because your trying to grab data from somewhere besides the host application's home. Alan I get the error message when I debug a application.the application works fine, but I get the message in debug console.
RE: [flexcoders] Security sandbox violation on Bitmapdata.draw( rtmpVid ) despite crosspolicy.xml
Are you testing this over http:// or file://
If file:// crossdomain.xml may not be in play.
From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf
Of jwebbsuccess
Sent: Friday, January 16, 2009 11:50 AM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Security sandbox violation on Bitmapdata.draw( rtmpVid )
despite crosspolicy.xml
Take a look at this video player; notice there is an image on screen
before the video begins playback:
http://www.huffingtonpost.com/2009/01/14/obama-on-inauguration-
you_n_157881.html
I'm trying to create similar 'preview frame' functionality in my own
custom-built Flex/AS3-based RTMP video player... I need my the player
to seek ahead to a given point in video, grab a snapshot for display
as a preview frame, then seek back to the beginning before the user
initiates playback... Or something like that.
I've already got demo code (AS2) for taking a snapshot of a video
after it has started playing. The problem is when I try to write code
to do the same thing in my AS3 player, I get sandbox violation error
as if I were running the demo SWF and my video player SWF on different
servers. Both SWFs are in document folders on my computer... The
RTMP host and I have confirmed that the permissions for using
'BitmapData.draw( obj )' on a video stream are in place (the demo
works) so I've got no idea why I'm getting the sandbox violation
error.
Can anyone help me to get a snapshot of a video stream and then return
the stream to the beginning before the user initiates playback? I've
included the FLA for the demo in Flash CS4 and CS3 format:
http://www.futurewebstudios.com/bitMapViewer2.zip
The demo code is attached separately:
---
import flash.display.BitmapData;
var nc:NetConnection = new NetConnection();
var ns:NetStream;
var myBitmapData:BitmapData = new BitmapData( 160, 120, false,
0x00CC );
var mc_1:MovieClip = this.createEmptyMovieClip( mc,
this.getNextHighestDepth() );
btnCap.addEventListener( click, captureVid );
nc.connect( rtmp://okojcizj1r.rtmphost.com/vod );
//nc.connect( rtmp://localhost/vod );
nc.onStatus = function( p_o )
{
var code = p_o.code;
trace( code );
if ( code == NetConnection.Connect.Success )
{
playLive();
}
};
function playLive()
{
trace( playLive );
mc_1._x = 195;
mc_1._y = 15;
ns = new NetStream( nc );
myVideo.attachVideo( ns );
myVideo.attachAudio( ns );
ns.play( kaye_400 );
ns.onStatus = function( p_o )
{
trace( p_o.code );
};
mc_1.attachBitmap( myBitmapData,this.getNextHighestDepth() );
}
function captureVid()
{
trace( captureVid );
myBitmapData.draw( myVideo );
}
---
I've also attached a piece of the code in my video player app so you
can see what I'm trying to do; if you need to see more of the code,
let me know and I'll send it to you:
---
public function getScreenCaptureData( seekTime:Number,
vidWidth:Number, vidHeight:Number ):Bitmap
{
var startAt:Number = _netStream.time;
trace( this + getScreenCaptureData -- startAt: + startAt
+ , seekTime: + seekTime + , vidWidth: + vidWidth + ,
vidHeight: + vidHeight );
_netStream.seek( seekTime );
var tempVid:Video = new Video( vidWidth, vidHeight );
tempVid.attachNetStream( _netStream );
var bd:BitmapData = new BitmapData( vidWidth, vidHeight );
bd.draw( tempVid );
_netStream.seek( startAt );
//to be continued...
return new Bitmap();
}
---
Thanks in advance for your help.
RE: [flexcoders] security sandbox violation in standalone player but not in browser
Might be a bug or subtle intended behavior. Read up on the security doc to see if it talks about that case. For sure, in local sandboxes, you can't back out to higher folders using ..\ so maybe that check runs in Standalone player. From: flexcoders@yahoogroups.com [mailto:flexcod...@yahoogroups.com] On Behalf Of Maciek Sakrejda Sent: Tuesday, January 06, 2009 6:37 PM To: flexcoders Subject: [flexcoders] security sandbox violation in standalone player but not in browser Our application has been working fine in various browsers. I'm trying to get it to work in the standalone player (version 9 debug and 10 debug--same behavior--for Linux) for automated testing, but I'm hitting some security sandbox violations: *** Security Sandbox Violation *** Connection to http://localhost:8080/truviso/flex/main/../../foohttp://localhost:8080/truviso/foo halted - not permitted from http://localhost:8080/truviso/flex/main/main.swf This relative URL works just fine when loading the .swf through Firefox, IE, Safari, and Opera. We're using relative URLs because we need to be able to rename the webapp without rebuilding it. There's a crossdomain.xml file in truviso/crossdomain.xml and in the root with wide-open access (for now). Any ideas why the standalone player is unhappy with this relative URL? Anything I can do with respect to crossdomain.xml or other security configuration to get around this? Thanks, -- Maciek Sakrejda Truviso, Inc. http://www.truviso.com
Re: [flexcoders] Security Sandbox Violation message
When I got this error in my app I set Security.allowDomain(*); I am not sure that's the right way of doing stuff but that did take care of my run time error and make my app up and running. Thxs Anuj On Sun, Nov 16, 2008 at 9:57 PM, brucewhealton [EMAIL PROTECTED]wrote: Hello all, Anyone have any ideas as to why I would get this message: Security Sandbox Violation? I googled it and came up with a listing where it said that if I was seeing it in Firefox browser to try it in IE browser. I did that and did not get the message when using IE. Note, this only happens when debugging an application. The thing is that what I was reading suggested that the problem could be that I don't have the plug-in for the Flash Player debugger version. However, I do have that version of Flash Player for Firefox. Any other ideas as to why it might show up when debugging an application locally? thanks, Bruce
RE: [flexcoders] Security Sandbox Violation message
A Security Violation can often be cured by allowDomain, but keep in mind, that's like making easier to get into your car by never locking it. Knowing the rest of the text with the warning will help us help you. From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of anuj sharma Sent: Monday, November 17, 2008 10:00 AM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] Security Sandbox Violation message When I got this error in my app I set Security.allowDomain(*); I am not sure that's the right way of doing stuff but that did take care of my run time error and make my app up and running. Thxs Anuj On Sun, Nov 16, 2008 at 9:57 PM, brucewhealton [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Hello all, Anyone have any ideas as to why I would get this message: Security Sandbox Violation? I googled it and came up with a listing where it said that if I was seeing it in Firefox browser to try it in IE browser. I did that and did not get the message when using IE. Note, this only happens when debugging an application. The thing is that what I was reading suggested that the problem could be that I don't have the plug-in for the Flash Player debugger version. However, I do have that version of Flash Player for Firefox. Any other ideas as to why it might show up when debugging an application locally? thanks, Bruce
Re: [flexcoders] Security sandbox violation: BitmapData.draw:
I made a workaround by using static images on my server, so the link
does not make the error anymore. It works fine in this situation, but
I'd still sure like to know what the answer to this is because I've run
into it before.
[EMAIL PROTECTED] wrote:
I have run into a problem with accessing youtube images. I can access
them once but not twice. .
Here is the example: http://journeyblueheaven.com/index.php
You can click on Watch once, and it loads an XML file from a youtube
rss, and diplays the results, including images from youtube. So far so
good. But then, but if you click on anything else, it attempts to make
the images not visible and triggers the sandbox violation below, which
requires me to set a policy flag.
This line triggers the error: Main.mxml:173 mainImgBox.visible = false;
This is not the sandbox violation where my swf cannot access another
domain. This issue is similar to the one described on this page:
http://www.cynergysystems.com/blogs/page/karljohnson?entry=working_around_security_sandbox_errors
Only that page loads images with mxml.
The way I am loading the images is with actionscript
newImage.source = xml.src;
How do I set the policy file flag in this situation, or do I need to
load the images some other way ?
If I try
[Bindable]
var loaderContext : LoaderContext;
private function imageInit() : void
{
loaderContext = new LoaderContext();
loaderContext.checkPolicyFile = true;
}
newImage.loaderContext = {loaderContext};
newImage.initialize = imageInit() ;
I get this error:
K:\flex3\jbh\fdjbh\Main.mxml(225): Error: Implicit coercion of a value
of type String to an unrelated type flash.system:LoaderContext.
Do I have the wrong syntax, perhaps ?
The code is here: http://journeyblueheaven.com/Main.mxml
SecurityError: Error #2122: Security sandbox violation: BitmapData.draw:
http://journeyblueheaven.com/fdjbh.swf cannot access
http://2.gvt0.com/ThumbnailServer2?app=vsscontentid=0f9a9bc1bda569e6offsetms=60itag=w160hl=ensigh=EMg47-bM9077Aklrd1oumF_zqec.
A policy file is required, but the checkPolicyFile flag was not set when
this media was loaded.
at flash.display::BitmapData/draw()
at
mx.effects.effectClasses::MaskEffectInstance/getVisibleBounds()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\effectClasses\MaskEffectInstance.as:771]
at
mx.effects.effectClasses::MaskEffectInstance/initMask()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\effectClasses\MaskEffectInstance.as:650]
at
mx.effects.effectClasses::MaskEffectInstance/startEffect()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\effectClasses\MaskEffectInstance.as:463]
at
mx.effects::Effect/play()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\Effect.as:930]
at
mx.effects::EffectManager$/createAndPlayEffect()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\EffectManager.as:716]
at
mx.effects::EffectManager$/http://www.adobe.com/2006/flex/mx/internal::eventHandler()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\effects\EffectManager.as:575]
at flash.events::EventDispatcher/dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at
mx.core::UIComponent/dispatchEvent()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\core\UIComponent.as:9051]
at
mx.core::UIComponent/setVisible()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\core\UIComponent.as:1903]
at mx.core::UIComponent/set
visible()[E:\dev\3.0.x\frameworks\projects\framework\src\mx\core\UIComponent.as:1870]
at Main/changeState()[K:\flex3\jbh\fdjbh\Main.mxml:173]
at Main/__button1_mouseUp()[K:\flex3\jbh\fdjbh\Main.mxml:302]
Tim Hoff wrote:
* *
*private* *function* effectEndHandler():*void* {
callLater(showBox);
}
*private* *function* showBox():*void*{
mainImgBox.visible = *true*;
}
-TH
--- In flexcoders@yahoogroups.com, [EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:
I have this box which I want to wipe left to hide and then wipe right
to show.
It hides all right and then it called the effectEndHandler, but
mainImgBox.visible = true; does not do anything. There is no wipe right
and the box does not appear. what am I doing wrong ?
mx:VBox id=mainImgBox hideEffect={wipeLeft}
showEffect={wipeRight}
mx:Image id=mainImg
source=@Embed(source='../media/jbh.jpg')
/
/mx:VBox
mx:WipeLeft id=wipeLeft duration=1000
effectEnd=effectEndHandler() /
mx:WipeRight id=wipeRight duration=1000/
private function effectEndHandler():void {
mainImgBox.visible = true;
}
--
Flexcoders Mailing List
FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
Alternative FAQ location:
RE: [flexcoders] Security sandbox violation error with socket connection
1. http://10.0.2.30/ is not the same domain as 10.0.2.30:80 2. If you type this into a browser, you should see your crossdomain xml file: http://10.0.2.30:80/crossdomain.xml http://10.0.2.30/crossdomain.xml 3. That crossdomain file is old, there are new required entries for the latest Flash player. I have posted them before on this list. Search for FYI in the subject line. Tracy From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 1:55 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation error with socket connection Hi All, I am stumped. I had to use a socket to connect to a fully RESTfull (PUT, DELETE ect..) web service endpoint on our server. It has been testing fine when running from my local file system (actually have been wondering why I am not getting sandbox errors as this is definately not connecting to the same host...). However, once I deploy the app to the server, I am now getting Error#2048 Security Sandbox violation: Error#2048 Security sandbox violation http://10.0.2.30/flashclient/MainStage.swf http://10.0.2.30/flashclient/MainStage.swf cannot load data from 10.0.2.30:80. Very strange as you can see the swf is loaded from the same host... I added the following crossdomain.xml to the server root but am still getting the error, do I have to write custom code to fetche the policy file as I dont even see flash VM requesting it in server access logs? ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* / /cross-domain-policy Any help is much appreciated. Thanks, Greg
Re: [flexcoders] Security sandbox violation error with socket connection
Thanks Tracy, much appreciated. I found your previous post and have been reading many of the articles referenced and am still frusterated. I thought you were harsh with your 'execute the jerks' comment but am almost ready to join you :-). Unfortunately, I am still getting my sandbox violation after making the following changes: crossdomain.xml: ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* to-ports=80,443 / allow-http-request-headers-from domain=* headers=* / site-control permitted-cross-domain-policies=master-only/ /cross-domain-policy Server stub code: Security.loadPolicyFile(http://10.0.2.30:80/crossdomain.xml;); //Called before any socket.connect() I can now see the the policy file is requested and returned in the server access logs. However, error is still thrown. Our server does make use of rewrite rules and requests get redirected removing the port. For example when I request http://10.0.2.30:80/crossdomain.xml, I get redirected to http://10.0.2.30/crossdomain.xml. Not sure if that is a problem, but... What the heck am I doing wrong? Any help is much appreciated! Thanks, Greg On Wed, Jul 16, 2008 at 2:19 PM, Tracy Spratt [EMAIL PROTECTED] wrote: 1. http://10.0.2.30/ is not the same domain as 10.0.2.30:80 2. If you type this into a browser, you should see your crossdomain xml file: http://10.0.2.30:80/crossdomain.xml 3. That crossdomain file is old, there are new required entries for the latest Flash player. I have posted them before on this list. Search for FYI in the subject line. Tracy From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 1:55 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation error with socket connection Hi All, I am stumped. I had to use a socket to connect to a fully RESTfull (PUT, DELETE ect..) web service endpoint on our server. It has been testing fine when running from my local file system (actually have been wondering why I am not getting sandbox errors as this is definately not connecting to the same host...). However, once I deploy the app to the server, I am now getting Error#2048 Security Sandbox violation: Error#2048 Security sandbox violation http://10.0.2.30/flashclient/MainStage.swf cannot load data from 10.0.2.30:80. Very strange as you can see the swf is loaded from the same host... I added the following crossdomain.xml to the server root but am still getting the error, do I have to write custom code to fetche the policy file as I dont even see flash VM requesting it in server access logs? ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* / /cross-domain-policy Any help is much appreciated. Thanks, Greg
RE: [flexcoders] Security sandbox violation error with socket connection
Sorry, man, we have reached the end of my knowledge on this one. I'd try a wildcard in the to-ports attribute, but that is all I can suggest. Have you gone to the source for this, that is, the security documentation? There my be additional requirements for socket access. Tracy From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 3:14 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] Security sandbox violation error with socket connection Thanks Tracy, much appreciated. I found your previous post and have been reading many of the articles referenced and am still frusterated. I thought you were harsh with your 'execute the jerks' comment but am almost ready to join you :-). Unfortunately, I am still getting my sandbox violation after making the following changes: crossdomain.xml: ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* to-ports=80,443 / allow-http-request-headers-from domain=* headers=* / site-control permitted-cross-domain-policies=master-only/ /cross-domain-policy Server stub code: Security.loadPolicyFile(http://10.0.2.30:80/crossdomain.xml http://10.0.2.30:80/crossdomain.xml ); //Called before any socket.connect() I can now see the the policy file is requested and returned in the server access logs. However, error is still thrown. Our server does make use of rewrite rules and requests get redirected removing the port. For example when I request http://10.0.2.30:80/crossdomain.xml, http://10.0.2.30:80/crossdomain.xml, I get redirected to http://10.0.2.30/crossdomain.xml. http://10.0.2.30/crossdomain.xml. Not sure if that is a problem, but... What the heck am I doing wrong? Any help is much appreciated! Thanks, Greg On Wed, Jul 16, 2008 at 2:19 PM, Tracy Spratt [EMAIL PROTECTED] mailto:tspratt%40lariatinc.com wrote: 1. http://10.0.2.30/ http://10.0.2.30/ is not the same domain as 10.0.2.30:80 2. If you type this into a browser, you should see your crossdomain xml file: http://10.0.2.30:80/crossdomain.xml http://10.0.2.30:80/crossdomain.xml 3. That crossdomain file is old, there are new required entries for the latest Flash player. I have posted them before on this list. Search for FYI in the subject line. Tracy From: flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com [mailto:flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com ] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 1:55 PM To: flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com Subject: [flexcoders] Security sandbox violation error with socket connection Hi All, I am stumped. I had to use a socket to connect to a fully RESTfull (PUT, DELETE ect..) web service endpoint on our server. It has been testing fine when running from my local file system (actually have been wondering why I am not getting sandbox errors as this is definately not connecting to the same host...). However, once I deploy the app to the server, I am now getting Error#2048 Security Sandbox violation: Error#2048 Security sandbox violation http://10.0.2.30/flashclient/MainStage.swf http://10.0.2.30/flashclient/MainStage.swf cannot load data from 10.0.2.30:80. Very strange as you can see the swf is loaded from the same host... I added the following crossdomain.xml to the server root but am still getting the error, do I have to write custom code to fetche the policy file as I dont even see flash VM requesting it in server access logs? ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* / /cross-domain-policy Any help is much appreciated. Thanks, Greg
Re: [flexcoders] Security sandbox violation error with socket connection
Thanks Tracy! I have read almost everything and still dont have it down as to what I need. But yes you are right socket policy files are a bit different. I just posted a new thread titled 'non-master socket policy files - head spinning - pls help?'. Hopefully someone can help. Much appreciated! Cheers, Greg On Wed, Jul 16, 2008 at 4:49 PM, Tracy Spratt [EMAIL PROTECTED] wrote: Sorry, man, we have reached the end of my knowledge on this one. I'd try a wildcard in the to-ports attribute, but that is all I can suggest. Have you gone to the source for this, that is, the security documentation? There my be additional requirements for socket access. Tracy From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 3:14 PM To: flexcoders@yahoogroups.com Subject: Re: [flexcoders] Security sandbox violation error with socket connection Thanks Tracy, much appreciated. I found your previous post and have been reading many of the articles referenced and am still frusterated. I thought you were harsh with your 'execute the jerks' comment but am almost ready to join you :-). Unfortunately, I am still getting my sandbox violation after making the following changes: crossdomain.xml: ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* to-ports=80,443 / allow-http-request-headers-from domain=* headers=* / site-control permitted-cross-domain-policies=master-only/ /cross-domain-policy Server stub code: Security.loadPolicyFile(http://10.0.2.30:80/crossdomain.xml;); //Called before any socket.connect() I can now see the the policy file is requested and returned in the server access logs. However, error is still thrown. Our server does make use of rewrite rules and requests get redirected removing the port. For example when I request http://10.0.2.30:80/crossdomain.xml, I get redirected to http://10.0.2.30/crossdomain.xml. Not sure if that is a problem, but... What the heck am I doing wrong? Any help is much appreciated! Thanks, Greg On Wed, Jul 16, 2008 at 2:19 PM, Tracy Spratt [EMAIL PROTECTED] wrote: 1. http://10.0.2.30/ is not the same domain as 10.0.2.30:80 2. If you type this into a browser, you should see your crossdomain xml file: http://10.0.2.30:80/crossdomain.xml 3. That crossdomain file is old, there are new required entries for the latest Flash player. I have posted them before on this list. Search for FYI in the subject line. Tracy From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Greg Hess Sent: Wednesday, July 16, 2008 1:55 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation error with socket connection Hi All, I am stumped. I had to use a socket to connect to a fully RESTfull (PUT, DELETE ect..) web service endpoint on our server. It has been testing fine when running from my local file system (actually have been wondering why I am not getting sandbox errors as this is definately not connecting to the same host...). However, once I deploy the app to the server, I am now getting Error#2048 Security Sandbox violation: Error#2048 Security sandbox violation http://10.0.2.30/flashclient/MainStage.swf cannot load data from 10.0.2.30:80. Very strange as you can see the swf is loaded from the same host... I added the following crossdomain.xml to the server root but am still getting the error, do I have to write custom code to fetche the policy file as I dont even see flash VM requesting it in server access logs? ?xml version=1.0 ? cross-domain-policy allow-access-from domain=* / /cross-domain-policy Any help is much appreciated. Thanks, Greg
Re: [flexcoders] Security sandbox violation 2048
On Thursday 06 Dec 2007, sarah_e_boys wrote: I was hoping someone could help me with this security violation error I am getting. I recently uploaded my image gallery application to a server and when I try to download an image via a zip file I get this error. It was working fine locally. You need either a crossdomain.xml or a way to get the correct domain at run time (Application.application.url, maybe). You also want to read Adobe's Flash Player Security white paper. -- Tom Chiverton Helping to authoritatively supply killer relationships on: http://thefalken.livejournal.com Please note, as of 10th December 2007 the registered office address of Halliwells LLP will be at 3 Hardman Square, Spinningfields, Manchester, M3 3EB This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com. -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * Your email settings: Individual Email | Traditional * To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) * To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
RE: [flexcoders] Security sandbox violation
The crossdomain.xml must be on www.lemonde.fr From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of thierrybertossa Sent: Tuesday, May 08, 2007 11:34 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation I have a strange probleme with the security sandbox... I can't load a rss feed when I put my project on my IIS (localhost) I have tried: ?xml version=1.0? !-- http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd -- cross-domain-policy allow-access-from domain=*/ /cross-domain-policy In wwwroot and in my project root... and with Security.loadPolicyFile(../crossdomain.xml); Security.loadPolicyFile(crossdomain.xml); the error message is : Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://localhost/RssNewsCalendar/RssNewsCalendar- http://localhost/RssNewsCalendar/RssNewsCalendar- debug.swf cannot load data from http://www.lemonde.fr/rss/sequence/0,2-3224,1-0,0.xml. http://www.lemonde.fr/rss/sequence/0,2-3224,1-0,0.xml. I don't understand what's wrong ?
Re: [flexcoders] Security sandbox violation and socket question
It is possible, if aimexpress.oscar.aol.com http://aol.com:5190/ provides a crossdomain.xml Cheers Ralf. On 2/19/07, elad_nyc [EMAIL PROTECTED] wrote: Josh Tynjala created the amazing application to connect to AIM (see here: http://www.zeuslabs.us/archives/6/connecting-to-aim-with-actionscript-3- sockets/), however when I try to run it on a remote server it pause for few minutes and than it gives an error messages: Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation: http://domainName.com/FlashAIM.swf cannot load data from aimexpress.oscar.aol.com:5190. it looked like other people had the same problem and the answer of Josh was You have to run the SWF from somewhere on your own computer. Is it not possible to use the socket connection form a remote server? -- Ralf Bokelberg [EMAIL PROTECTED] Flex Flash Consultant based in Cologne/Germany Phone +49 (0) 221 530 15 35
RE: [flexcoders] Security sandbox violation using PHP, APACHE MYSQL
What are you loading? Looks like the main SWF is on one domain and the other SWF is on another domain? You might need to do Security.allowDomain work? -Original Message- From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of lift69boy Sent: Friday, March 31, 2006 4:56 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security sandbox violation using PHP, APACHE MYSQL hi allnot a new question but still can't find the answer... i think this is more of a flash security issue but I get the following error when running my project... Error: code:Client.CouldNotDecode string:'Error #2070: Security sandbox violation: caller '%s' may not access Stage owned by '%s'.' detail:'null' architecture is flexphpmysql running on apache. i've tried the crossdomain file in many places but from reading this other forums, it is where it should be i.e. on the web server root. i've pulled all my hair out will soon progress to chopping my legs off in frustration any help greatly appreciated cheers ben -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [flexcoders] Security sandbox violation
Hi,How are you making AMFPHP connection? Are you using carlaabreu.com/../gateway.php or www.carlaabreu.com/../gateway.php ?I think, if you are trying to access data from a sub domain to main domain, it might be problem...Not sure, check the security whitepaper for the Maths behind it...-abdul On 3/1/06, jf.saldanha [EMAIL PROTECTED] wrote: HiThis error is about cross domain files i think?But today and i put on run the example of Mike Potterhttp://blogs.adobe.com/mikepotter/I put the example run onLine that way give the error http://www.carlaabreu.com/amfphp2test.htmlThat way runhttp://carlaabreu.com/amfphp2test.html The all files is in same domain dont have files in diferent domains.Question, I need a crossdomin file?Thanks--Flexcoders Mailing ListFAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txtSearch Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links * To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/* To unsubscribe from this group, send an email to: [EMAIL PROTECTED]* Your use of Yahoo! Groups is subject to:http://docs.yahoo.com/info/terms/ -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com SPONSORED LINKS Web site design development Computer software development Software design and development Macromedia flex Software development best practice YAHOO! GROUPS LINKS Visit your group "flexcoders" on the web. To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
RE: [flexcoders] Security Sandbox Violation when loading image
Has anyone learned any more about this issue or come up with a solution? I am experiencing a very similar problem: images loaded from another domain are generating Security Sandbox Violations of the form: *** Security Sandbox Violation *** SecurityDomain 'http://host1/foo' tried to access incompatible context 'http://host2/bar/thumbnail?width=40height=52id=pap' It does not appear to be the mere loading of these images that causes this warning. It is applying effects and accessing properties. This is true even if I wrap the Image in another component like a Canvas that I then act on. Usually, the behavior of the app does not work when this error is produced but sporadically, in the same application instance with the same images, the behavior does work while still generating these errors. Very puzzling. Alon From: Kristopher Schultz [mailto:[EMAIL PROTECTED] Sent: Friday, March 25, 2005 10:42 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security Sandbox Violation when loading image I'm trying to load some images from a different domain than the one my Flex app lives on. When I do, the debugger prints out a bunch of errors like this: *** Security Sandbox Violation *** SecurityDomain 'http://myserver.com/index.mxml?debug=true' tried to access incompatible context 'http://otherserver.com/someImage?wid=30' (Note, the image is dynamically generated and the URL should not include .jpg) Despite the errors, my images still seem to load in successfully, both through the Flex Builder IDE and when viewed directly in IE. Or so I thought. The weird thing I've discovered is that if my image paths are brought into my Flex app via an XML file, then I do get the errors above, but the images do load successfully. However, if my image paths come in as a result of a remote object call, I get the same errors and my images DON'T load successfully. I've double checked the exact path's that are being used in both situations by tracing out the path immediately before it is used as the value for the source property of the mx:Image tag and it is EXACTLY the same in both cases. So I have questions. First, why do I get those error messages? Secondly, if there really is a security sandbox violation, why do the images load successfully under the conditions I mentioned above? And finally, how do I prevent these violations from occurring in the first place? Thanks for any insight you can provide. Kris -- Kristopher Schultz Developer Resource Interactive p: 614.410.2123 www.resource.com -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com YAHOO! GROUPS LINKS Visit your group "flexcoders" on the web. To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
RE: [flexcoders] Security Sandbox Violation when loading image
Hi,
It should work without having
to convert into to the AS2 type class as you did. If you simply
do:
results[0].price
results[1].price
this should get you the price
of the first product and seconds products. I assumed "results" is the name of
the object that contains the results of the RO call.
Jimmy
Gianninas
Software Developer -
Optimal Payments
Inc.
From: Kristopher Schultz
[mailto:[EMAIL PROTECTED] Sent: Monday, March 28, 2005 12:49
PMTo: flexcoders@yahoogroups.comSubject: RE: [flexcoders]
Security Sandbox Violation when loading image
Well, I figured out why I was experiencing different
behavior when pulling data in from an XML file vs. pulling it in via a remote
object. My remote object method call was returning an Array of objects which on
the Java side were instances of a simple data object class I had created called
com.myclient.Product. These objects had three properties:
label(String), imageId(String), and price(Double) which were accessible through
appropriately named getter methods. When stepping through the debugger in Flex
Builder, I could see these objects were coming through just fine with the
appropriate property names and values, but when I tried to pass each object to
my custom display component it was not displaying them, even when the same
display component had no problem displaying similar data Objects if they were
created in the AS code. So I went ahead and created an .as class called
com.myclient.myapp.Product and associated it with the Java
class using the following static variable invocation:
static var regClass =
Object.registerClass("com.myclient.Product",
com.myclient.myapp.Product);
After doing that, everything worked just
fine.
So my questions are, why did I have to create that
ActionScript class to get things to work? Is there a way to pass back a generic
AS Object from a remote object call? Would passing back objects of type
java.util.Map be the answer? Which is the better practice, passing back a
java.util.Map to be converted to an untyped Object or creating .as classes for
each typed Object that can be retured from a remote object
call.
Kris
--
Kristopher Schultz
Developer
Resource Interactive
p: 614.410.2123
www.resource.com
The weird thing
I've discovered is that if my image paths are brought into my Flex app via an
XML file, then I do get the errors above, but the images do load successfully.
However, if my image paths come in as a result of a remote object call, I get
the same errors and my images DON'T load successfully. I've double checked the
exact path's that are being used in both situations by tracing out the path
immediately before it is used as the value for the "source" property of the
mx:Image tag and it is EXACTLY the same in both
cases.
Yahoo! Groups Sponsor
ADVERTISEMENT
Yahoo! Groups Links
To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/
To unsubscribe from this group, send an email to:[EMAIL PROTECTED]
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
RE: [flexcoders] Security Sandbox Violation when loading image
You shouldnt have had to create an AS class, Im not sure why it wouldnt have worked. The regular object should have had the data you needed. Best practice is to create the class though. Matt From: Kristopher Schultz [mailto:[EMAIL PROTECTED] Sent: Monday, March 28, 2005 9:49 AM To: flexcoders@yahoogroups.com Subject: RE: [flexcoders] Security Sandbox Violation when loading image Well, I figured out why I was experiencing different behavior when pulling data in from an XML file vs. pulling it in via a remote object. My remote object method call was returning an Array of objects which on the Java side were instances of a simple data object class I had created called com.myclient.Product. These objects had three properties: label(String), imageId(String), and price(Double) which were accessible through appropriately named getter methods. When stepping through the debugger in Flex Builder, I could see these objects were coming through just fine with the appropriate property names and values, but when I tried to pass each object to my custom display component it was not displaying them, even when the same display component had no problem displaying similar data Objects if they were created in the AS code. So I went ahead and created an .as class called com.myclient.myapp.Product and associated it with the Java class using the following static variable invocation: static var regClass = Object.registerClass(com.myclient.Product, com.myclient.myapp.Product); After doing that, everything worked just fine. So my questions are, why did I have to create that ActionScript class to get things to work? Is there a way to pass back a generic AS Object from a remote object call? Would passing back objects of type java.util.Map be the answer? Which is the better practice, passing back a java.util.Map to be converted to an untyped Object or creating .as classes for each typed Object that can be retured from a remote object call. Kris -- Kristopher Schultz Developer Resource Interactive p: 614.410.2123 www.resource.com The weird thing I've discovered is that if my image paths are brought into my Flex app via an XML file, then I do get the errors above, but the images do load successfully. However, if my image paths come in as a result of a remote object call, I get the same errors and my images DON'T load successfully. I've double checked the exact path's that are being used in both situations by tracing out the path immediately before it is used as the value for the source property of the mx:Image tag and it is EXACTLY the same in both cases. Yahoo! Groups Sponsor ADVERTISEMENT Yahoo! Groups Links To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/ To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
RE: [flexcoders] Security Sandbox Violation when loading image
Well, I figured out why I was experiencing different
behavior when pulling data in from an XML file vs. pulling it in via a remote
object. My remote object method call was returning an Array of objects which on
the Java side were instances of a simple data object class I had created called
com.myclient.Product. These objects had three properties:
label(String), imageId(String), and price(Double) which were accessible through
appropriately named getter methods. When stepping through the debugger in Flex
Builder, I could see these objects were coming through just fine with the
appropriate property names and values, but when I tried to pass each object to
my custom display component it was not displaying them, even when the same
display component had no problem displaying similar data Objects if they were
created in the AS code. So I went ahead and created an .as class called
com.myclient.myapp.Product and associated it with the Java
class using the following static variable invocation:
static var regClass =
Object.registerClass("com.myclient.Product",
com.myclient.myapp.Product);
After doing that, everything worked just
fine.
So my questions are, why did I have to create that
ActionScript class to get things to work? Is there a way to pass back a generic
AS Object from a remote object call? Would passing back objects of type
java.util.Map be the answer? Which is the better practice, passing back a
java.util.Map to be converted to an untyped Object or creating .as classes for
each typed Object that can be retured from a remote object
call.
Kris
--
Kristopher Schultz
Developer
Resource Interactive
p: 614.410.2123
www.resource.com
The weird thing
I've discovered is that if my image paths are brought into my Flex app via an
XML file, then I do get the errors above, but the images do load successfully.
However, if my image paths come in as a result of a remote object call, I get
the same errors and my images DON'T load successfully. I've double checked the
exact path's that are being used in both situations by tracing out the path
immediately before it is used as the value for the "source" property of the
mx:Image tag and it is EXACTLY the same in both
cases.
Yahoo! Groups Sponsor
ADVERTISEMENT
Yahoo! Groups Links
To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/
To unsubscribe from this group, send an email to:[EMAIL PROTECTED]
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
RE: [flexcoders] Security Sandbox Violation when loading image
Im not an expert at this by any stretch. The security sandbox violation when dealing with images/movies generally occurs because the SWF that did the loading (myserver.com/index.mxml) tries to access properties of the loaded movie (otherserver.com/someImage, and yes I realize it may not be a SWF). Im not sure why properties youd be trying to access though, maybe depth swapping or something? Maybe the Flex app does it on its own. I wonder if Manish ran into this with the map example J As for it working with XML and not with RemoteObject, that does strike me as strange. The only thing I can think of would be that somehow establishing a connection to your source server prevents the SWF from thinking that it should be allowed to contact the other server. Do you own the other server? Any chance you could try putting a crossdomain.xml file on there (see technotes for info on crossdomain). Sorry, not very useful I know, Matt From: Kristopher Schultz [mailto:[EMAIL PROTECTED] Sent: Friday, March 25, 2005 10:42 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Security Sandbox Violation when loading image I'm trying to load some images from a different domain than the one my Flex app lives on. When I do, the debugger prints out a bunch of errors like this: *** Security Sandbox Violation *** SecurityDomain 'http://myserver.com/index.mxml?debug=true' tried to access incompatible context 'http://otherserver.com/someImage?wid=30' (Note, the image is dynamically generated and the URL should not include .jpg) Despite the errors, my images still seem to load in successfully, both through the Flex Builder IDE and when viewed directly in IE. Or so I thought. The weird thing I've discovered is that if my image paths are brought into my Flex app via an XML file, then I do get the errors above, but the images do load successfully. However, if my image paths come in as a result of a remote object call, I get the same errors and my images DON'T load successfully. I've double checked the exact path's that are being used in both situations by tracing out the path immediately before it is used as the value for the source property of the mx:Image tag and it is EXACTLY the same in both cases. So I have questions. First, why do I get those error messages? Secondly, if there really is a security sandbox violation, why do the images load successfully under the conditions I mentioned above? And finally, how do I prevent these violations from occurring in the first place? Thanks for any insight you can provide. Kris -- Kristopher Schultz Developer Resource Interactive p: 614.410.2123 www.resource.com Yahoo! Groups Sponsor ADVERTISEMENT Yahoo! Groups Links To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/ To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
Re: [flexcoders] Security Sandbox Violation when loading image
On Fri, 25 Mar 2005 20:32:14 -0800, Matt Chotin [EMAIL PROTECTED] wrote: wonder if Manish ran into this with the map example J The map sample loads images from the same host, but the flickr/delicious sample loads them directly from flickr.com. http://www.flexauthority.com/Samples/delicious/WhatsCooking.mxml I tried running fdb with this, and yes it does show that error message for every image it loads. [trace] *** Security Sandbox Violation *** [trace] SecurityDomain 'http://localhost:8100/test/delicious/WhatsCooking.mxml?re compile=truedebug=true' tried to access incompatible context 'http://photos3.fl ickr.com/6430573_f536dcde22_m.jpg' Then I found this: http://www.visible-form.com/blog/85.html I tried doing allowDomain() in my app's initialize handler, but it doesn't seem to help. I don't know much about this whole security/sandbox thing, but maybe some on the list who knows can suggest something based on what I found out so far. Manish Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
