On Wed, Sep 29, 2010 at 5:39 PM, dougx <[email protected]> wrote: > Submitted patches for this, now working, but binding port 843 on the > server means you have to run as root when you run the server. You can > work around by setting an iptables redirect and binding a higher port > though.
Hurgh thats really annoying. I did some reading of how flash's policy file works. It first tries to connect on port 843, then it calls Security.loadPolicyFile() if it exists in actionscript in the SWF [1], and after that it tries on the destination port. The request isn't an HTTP request, its a weird custom TCP connection. We could try and edit jetty's websocket server to listen to the policy file request as well, but I expect that way lies dragons. So, can we edit the flash file? Maybe we can add that loadPolicyFile() method in the SWF to load the policy file from another port (say, 8843) and make the server by default host the policy file on both that port and port 843, if it has permission. That way it should all work even if the server isn't run with permission to open port 843. [1] From http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html: If an ActionScript Security.loadPolicyFile() command exists within the SWF file, then the Flash Player runtime checks that location. Flash Player checks the destination of the loadPolicyFile() only after it has checked the master policy file on port 843 for permission to acknowledge other policy files. If the developer has not specified a loadPolicyFile() command, then Flash Player checks the destination port of the connection. > Anyhow, still looks like it needs some work, so I've created a branch > for it, here: > http://code.google.com/r/douglaslinder-websockets/source/checkout Ok cool. -J > Anyone should be able to check that out and run the server & connect > with ff or Ie8. > > ~ > Doug. > > On Sep 28, 12:10 pm, Joseph Gentle <[email protected]> wrote: >> On Tue, Sep 28, 2010 at 2:06 PM, dougx <[email protected]> wrote: >> > Yeah, I'll add the policy server as a patch this evening. >> >> Sweet. You can just amend the current patch - pass '-i 152001' to the >> code review tool. >> >> > Also, yeah. I signed the policy thingo yesterday. Didn't it work? >> >> You did? Cool. >> >> -J >> >> > ~ >> > Doug. >> >> > On Sep 28, 7:44 am, Joseph Gentle <[email protected]> wrote: >> >> Cool bananas. Can you add the socket policy service to your changeset? >> >> (Or we could do it in a seperate change I guess..) >> >> >> Also, as Lennard said in the CL, do you mind signing the contributors >> >> license agreement? Legally, we can't commit the code until you do. >> >> For >> >> individuals:https://spreadsheets.google.com/viewform?hl=en&formkey=dFRhNXkzejl1LX... >> >> For >> >> companies:https://spreadsheets.google.com/viewform?formkey=dDdJal91bDdEREFsaEF1... >> >> >> Cheers >> >> Joseph >> >> >> On Mon, Sep 27, 2010 at 6:27 PM, dougx <[email protected]> wrote: >> >> > Still have to see about the auth service, but you can see the version >> >> > of the code I'm using here (now finally working with ff was my fault >> >> > for javascript fail, not the socket protocol): >> >> >http://codereview.waveprotocol.org/152001/show >> >> >> > If you want it to work, you'll have to merge in the service from the >> >> > other branch, or run an external service for now (eg. >> >> >http://www.lightsphere.com/dev/articles/socketpolicy.tar.gz) >> >> >> > ~ >> >> > Doug. >> >> >> > On Sep 26, 6:47 pm, dougx <[email protected]> wrote: >> >> >> So, >> >> >> >> I've portedhttp://github.com/gimite/web-socket-jsintothewave- >> >> >> protocol's GWT websocket implementation so the client works with >> >> >> firefox, etc. >> >> >> >> woo. >> >> >> >> ..but although it seems to talk it doesn't actually work. :( It just >> >> >> sits on 'Never Connected' status in firefox. >> >> >> >> The console log is showing: >> >> >> >> [WebSocket] policy file: xmlsocket://192.168.1.10:843 >> >> >> [WebSocket] Flash object is ready >> >> >> [WebSocket] FABridge initializad >> >> >> [WebSocket] connected >> >> >> [WebSocket] request header: GET /socket HTTP/1.1 Upgrade: WebSocket >> >> >> Connection: Upgrade Host: 192.168.1.10:9898 >> >> >> Origin:http://192.168.1.10:9898 >> >> >> Cookie: Sec-WebSocket-Key1: 28 `50e7kptb 6v (35=-1 8U Sec-WebSocket- >> >> >> Key2: 2i58 5 334H 8 6' E 4' >> >> >> [WebSocket] sent key3: -µ”£Îªç… >> >> >> [WebSocket] response header: HTTP/1.1 101 WebSocket Protocol Handshake >> >> >> Upgrade: WebSocket Connection: Upgrade >> >> >> Sec-WebSocket-Origin:http://192.168.1.10:9898Sec-WebSocket-Location:ws://192.168.1.10:9898... >> >> >> [WebSocket] reply digest: ÿICú 8¼ ‡gPÈ” õî >> >> >> >> O_o I haven't had time to dig into what that might mean on the socket >> >> >> comm protocol; anyone here have some idea? >> >> >> >> I recall some discussion about protocol versions or something? >> >> >> >> Other things: >> >> >> >> As described here, a policy file service needs to >> >> >> run:http://www.lightsphere.com/dev/articles/flash_socket_policy.html >> >> >> >> At the moment I'm just running a separate script on the server to >> >> >> handle that, but it seems like a dumb solution. Seems like Fedone >> >> >> should handle this, but it's a bit hacky to be opening other port just >> >> >> for flash websocket support. >> >> >> >> thoughts? >> >> >> >> Also, how should the code base handle the swf source? At the moment >> >> >> I've just dumped the binary into: >> >> >> wave-protocol/src/com/google/gwt/websockets/client/binary/ >> >> >> >> ...but that also seems like a poor long term solution. >> >> >> >> ~ >> >> >> Doug. >> >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups "Wave Protocol" group. >> >> > To post to this group, send email to [email protected]. >> >> > To unsubscribe from this group, send email to >> >> > [email protected]. >> >> > For more options, visit this group >> >> > athttp://groups.google.com/group/wave-protocol?hl=en. >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "Wave Protocol" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group >> > athttp://groups.google.com/group/wave-protocol?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Wave Protocol" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/wave-protocol?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en.
