Hi Matt,

I appreciate you jumping into this thread and I look forward to your
response.

-Ben

On Dec 16, 2:07 pm, Matt Harris <thematthar...@twitter.com> wrote:
>  Thanks for letting us know about this. I've asked the team to if this file
> should be as restrictive as it currently is.
>
> Best
> @themattharris
> Developer Advocate, Twitterhttp://twitter.com/themattharris
>
> On Thu, Dec 16, 2010 at 11:16 AM, WildFoxMedia <wildfoxme...@gmail.com>wrote:
>
> > Super, they are all returning the same thing now, which is blocking
> > access from any non-twitter domain which you can see below:
>
> > <cross-domain-policy xsi:noNamespaceSchemaLocation="http://
> >www.adobe.com/xml/schemas/PolicyFile.xsd">
> > <allow-access-from domain="twitter.com"/>
> > <allow-access-from domain="api.twitter.com"/>
> > <allow-access-from domain="search.twitter.com"/>
> > <allow-access-from domain="static.twitter.com"/>
> > <site-control permitted-cross-domain-policies="master-only"/>
> > <allow-http-request-headers-from domain="*.twitter.com" headers="*"
> > secure="true"/>
> > </cross-domain-policy>
>
> > What is Twitters official stance on this? Are Flash developers SOL and
> > required to use a server-side proxy to grab images, or are we supposed
> > to be able to grab profile images from *.twimg?
>
> > On Dec 15, 5:57 pm, John Adams <j...@twitter.com> wrote:
> > > a0 through a4 should offer identical crossdomain.xml files.
> > > They are all going through a CDN, so it might be the case that the CDN
> > > endpoint you are hitting has a stale file.
>
> > > I just checked all of the CDN endpoints from here and they are returning
> > the
> > > same data. Try again?
>
> > > -john
>
> > > On Wed, Dec 15, 2010 at 5:20 PM, WildFoxMedia <wildfoxme...@gmail.com
> > >wrote:
>
> > > > Im currently seeing the same issue, however, in completely reverse.
>
> > > > As of this moment, a0 & a1 are not allowing other domains and a2 & a3
> > > > are allowing all domains.
>
> > > > The other day, all 4 were not allowing other domains.
>
> > > > Is there any reason or rhyme for this and more importantly, what is
> > > > the expectation? Are we supposed to be able to make calls from Flash
> > > > for profile images or not?
>
> > > > On Nov 28, 3:57 pm, stephen <sno...@bcm.com.au> wrote:
> > > > > Hey,
>
> > > > > It appears the crossdomains for a2, a3, etc are different and are
> > > > > preventing flash from accessing profile images on these domains.  a0
> > > > > and a1 are fine, however the api returns profile image urls using all
> > > > > of these domains (a0 - a?).
>
> > > > > Are the crossdomains suppose to be all the same or are we suppose to
> > > > > target only the first two?  From the few that I've tested, it seems
> > > > > all profile images are accessible through the a0 or a1 domains
> > despite
> > > > > what the api returns.
>
> > > > > Crossdomains
>
> > > >http://a0.twimg.com/crossdomain.xmlhttp://a1.twimg.com/crossdomain.xm.
> > ..
>
> > > > > Stephen
>
> > > > --
> > > > Twitter developer documentation and resources:
> >http://dev.twitter.com/doc
> > > > API updates via Twitter:http://twitter.com/twitterapi
> > > > Issues/Enhancements Tracker:
> > > >http://code.google.com/p/twitter-api/issues/list
> > > > Change your membership to this group:
> > > >http://groups.google.com/group/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk
>
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Reply via email to