我觉得我在这件事上好像是在碰壁。我尝试过(我认为)跨域xml文件的每种变体都没有成功。无论我尝试什么,我似乎都无法使我的跨域Loader()请求工作。以下是我的policyfiles.txt日志文件
的输出OK: Root-level SWF loaded: http://cool.com:81/WEBPLAYERAS3.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/a61d36278cc44cd1a0b8fa10f3edc914.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/ba8d7a1701954a6cb03e7aaf12a26a2b.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/91f6f184518247f0916692286dd7101a.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
OK: Policy file accepted: https://replayservice2.secretdomain.com/crossdomain.xml
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/a61d36278cc44cd1a0b8fa10f3edc914.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/ba8d7a1701954a6cb03e7aaf12a26a2b.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/91f6f184518247f0916692286dd7101a.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf
Error: Request for resource at https://replayservice2.secretdomain.com/api/servlet/screenshot/0.8/1.0/9175218823c9438aa322cdb767561dbd.jpg by requestor from http://cool.com:81/WEBPLAYERAS3.swf is denied due to lack of policy file permissions.
<cross-domain-policy xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*" secure="true"/>
<site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>
请注意,实际的域名已被替换为secretdomain.com。
我所做的就是在AS3中检索图像并将它们分配给位图。
:
这个问题似乎只发生在从一个不安全的服务器调用我们的安全服务器时。这是被禁止的,还是有别的办法?
你的更新是你的整个问题的答案:
"这个问题似乎只发生在从一个不安全的服务器调用我们的安全服务器时。这是被禁止的,还是有别的办法?"
特别是当我们看到你的政策文件的重要部分:
<allow-access-from domain="*" secure="true"/>
那个"secure=True"部分意味着你非常明确地不允许调用mix-n-match安全连接和不安全连接,它们都必须是安全的。通过在那里设置"真实"值,你就是那个禁止它的人。当然,解决方法是将其设置为"secure=False",就像在这里发布的其他几个策略文件中一样。
如果您尝试从http端口通信到https端口,您将得到"swf被拒绝,由于缺乏策略文件权限"为了避免这种类型的错误,您可以在crossdomain.xml
中包含以下标记<>以前& lt;Allow-access-from domain="*" secure="false" to-ports="*">之前解决了"Security Sandbox Violation"
如果你得到一个警告消息"没有指定元策略。应用默认的元策略'master-only'。在crossdomain.xml
中放置以下标签<>以前& lt;站点控制允许跨域策略="all">如果有帮助的话,我已经包括了我们的跨域策略。唯一不同的是site-control标签。
<cross-domain-policy xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<site-control permitted-cross-domain-policies="all"/>
<allow-http-request-headers-from domain="*"/>
<allow-access-from domain="*" secure="false" to-ports="*"/>
</cross-domain-policy>
我是一个ActionScript新手,但是Security.allowDomain("domain.com")做的伎俩?
我看到你贴的东西
OK: Root-level SWF loaded: http://cool.com:81/WEBPLAYERAS3.swf
这告诉我你的swf被加载到端口81
你在哪个端口发送跨域信号?
除了在'allow-access-from'标签中设置secure="false"外,还可以在'allow-http-request-headers-from'标签中设置secure="false"。你的crossdomain.xml应该是这样的-
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="SOAPAction" secure="false"/>
</cross-domain-policy>