I have a web site at www.mydomain.com. It has some web
services available at www.mydomain.com/services/ I have put a
crossdomain.xml in the root of my site that has the following in it
to allow any subdomains to call the webservices. This worked when I
had flash player 9 installed but since upgrading to 10 it no longer
works.
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.mydomain.com" />
</cross-domain-policy>
I have tried to do some research and I came across this article,http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_07.html but I don't know what exactly I need to change. I've looked at the log that is created and this is what was in the file. Can anyone help me here? Also, do I need to do anything with the swf/fla file to get it to use the crossdomain.xml file? Right now it doesn't specify anything in the flash file itself so I'm not sure if there's something I need to do to make it see and use the policy file. Thanks.
OK: Root-level SWF loaded:http://subdomain.mydomain.com/Flash/Top4Modules.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource athttp://www.mydomain.com/services/trainingservices.asmx?WSDL by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
Warning: Domain www.mydomain.com does not specify a meta-policy. Applying default meta-policy 'master-only'. This configuration is deprecated. Seehttp://www.adobe.com/go/strict_policy_files to fix this problem.
OK: Policy file accepted:http://www.mydomain.com/crossdomain.xml
OK: Request for resource athttp://www.mydomain.com/services/trainingservices.asmx?WSDL by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf is permitted due to policy file athttp://www.mydomain.com/crossdomain.xml
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource athttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
OK: Searching for <allow-http-request-headers-from> in policy files to authorize header sending to URLhttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
Error: Request for resource athttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf is denied due to lack of policy file permissions.
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.mydomain.com" />
</cross-domain-policy>
I have tried to do some research and I came across this article,http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_07.html but I don't know what exactly I need to change. I've looked at the log that is created and this is what was in the file. Can anyone help me here? Also, do I need to do anything with the swf/fla file to get it to use the crossdomain.xml file? Right now it doesn't specify anything in the flash file itself so I'm not sure if there's something I need to do to make it see and use the policy file. Thanks.
OK: Root-level SWF loaded:http://subdomain.mydomain.com/Flash/Top4Modules.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource athttp://www.mydomain.com/services/trainingservices.asmx?WSDL by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
Warning: Domain www.mydomain.com does not specify a meta-policy. Applying default meta-policy 'master-only'. This configuration is deprecated. Seehttp://www.adobe.com/go/strict_policy_files to fix this problem.
OK: Policy file accepted:http://www.mydomain.com/crossdomain.xml
OK: Request for resource athttp://www.mydomain.com/services/trainingservices.asmx?WSDL by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf is permitted due to policy file athttp://www.mydomain.com/crossdomain.xml
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource athttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
OK: Searching for <allow-http-request-headers-from> in policy files to authorize header sending to URLhttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf
Error: Request for resource athttp://www.mydomain.com/services/trainingservices.asmx by requestor fromhttp://subdomain.mydomain.com/Flash/Top4Modules.swf is denied due to lack of policy file permissions.