How to configure the flex crossdomain.xml in Python Google App Engine Sdk
https://stackoverflow.com/questions/4993157
-
13-11-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have created a flex application in the Python Gae sdk and I got the error 2048, so I put a crossdomain.xml under the static folder. The crossdomain.xml is following:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM “/xml/dtds/cross-domain-policy.dtd”>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>
And, I add the following in the app.yaml:
- url: /crossdomain.xml
static_files: static/crossdomain.xml
upload: static/crossdomain.xml
However, I still got the error 2048. Therefore, I would like to know is anything I need to configure or miss in my case and how to fix the error.
Please advice. Thanks.
Solution
I haven't used crossdomain.xml with Flash, but I have with Unity3d. I've gotten it to work, and what you have looks correct.
Have you visited yoursite.com/crossdomain.xml to make sure it's visible in a browser?
If Flash is really picky you might need to specify a mimetype (text/xml or application/xml)
- url: /crossdomain.xml
mime_type: text/xml
static_files: static/crossdomain.xml
upload: static/crossdomain.xml
You also might want to check you crossdomain.xml in a validator to make sure you're not missing a /> or something like that.
Also, check out html5boilerplate's crossdomain.xml. Their least restrictive version should work on any site:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->
<!-- Most restrictive policy: -->
<!--
<site-control permitted-cross-domain-policies="none"/>
-->
<!-- Least restrictive policy: -->
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
<!--
If you host a crossdomain.xml file with allow-access-from domain=“*”
and don’t understand all of the points described here, you probably
have a nasty security vulnerability. ~ simon willison
-->
</cross-domain-policy>
OTHER TIPS
FlashPlayer is looking for the crossdomain.xml file in the URL domain root, e.g.
domain.com/crossdomain.xml
Is where the FlashPlayer wants to find it.
However, you can use Security.loadPolicyFile(url) to load a crossdomain.xml file from an alternate location on the server.
