开发者

How to configure the flex crossdomain.xml in Python Google App Engine Sdk

开发者 https://www.devze.com 2023-02-11 10:51 出处:网络
I have created a flex application in the Python Gae sdk and I got the error 2048, so I put a cr开发者_高级运维ossdomain.xml under the static folder.

I have created a flex application in the Python Gae sdk and I got the error 2048, so I put a cr开发者_高级运维ossdomain.xml under the static folder. The crossdomain.xml is following:

<?xml version="1.0"?> 
<!DOCTYPE cross-domain-policy SYSTEM “/xml/dtds/cross-domain-policy.dtd”>
<cross-domain-policy> 
<site-control permitted-cross-domain-policies="all"/> 
<allow-access-from domain="*" to-ports="*" secure="false"/> 
<allow-http-request-headers-from domain="*" headers="*" secure="false"/> 
</cross-domain-policy> 

And, I add the following in the app.yaml:

- url: /crossdomain.xml 
  static_files: static/crossdomain.xml 
  upload: static/crossdomain.xml

However, I still got the error 2048. Therefore, I would like to know is anything I need to configure or miss in my case and how to fix the error.

Please advice. Thanks.


I haven't used crossdomain.xml with Flash, but I have with Unity3d. I've gotten it to work, and what you have looks correct.

Have you visited yoursite.com/crossdomain.xml to make sure it's visible in a browser?

If Flash is really picky you might need to specify a mimetype (text/xml or application/xml)

- url: /crossdomain.xml 
  mime_type: text/xml
  static_files: static/crossdomain.xml 
  upload: static/crossdomain.xml

You also might want to check you crossdomain.xml in a validator to make sure you're not missing a /> or something like that.

Also, check out html5boilerplate's crossdomain.xml. Their least restrictive version should work on any site:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>


<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->

<!-- Most restrictive policy: -->
<!--
    <site-control permitted-cross-domain-policies="none"/>
-->


<!-- Least restrictive policy: -->
    <site-control permitted-cross-domain-policies="all"/>
    <allow-access-from domain="*" to-ports="*" secure="false"/>
    <allow-http-request-headers-from domain="*" headers="*" secure="false"/>
<!--
  If you host a crossdomain.xml file with allow-access-from domain=“*”      
  and don’t understand all of the points described here, you probably       
  have a nasty security vulnerability. ~ simon willison
-->

</cross-domain-policy>


FlashPlayer is looking for the crossdomain.xml file in the URL domain root, e.g.

domain.com/crossdomain.xml

Is where the FlashPlayer wants to find it.

However, you can use Security.loadPolicyFile(url) to load a crossdomain.xml file from an alternate location on the server.

More info on Adobe livedocs

0

精彩评论

暂无评论...
验证码 换一张
取 消