Socket connection in browser

Hello,

I am using flash socket to connect to ftp and upload files. Its working fine in flash IDE but it give security error in browser. I have loaded policy file by Security.loadpolicyFile() also i have specified Security.allowDomain(“*”) but still it doesnt work. I have placed my crossdomain.xml at root level on ftp.

My crossdomain.xml looks like this…

<!DOCTYPE cross-domain-policy SYSTEM “http://www.adobe.com/xml/dtds/cross-domain-policy.dtd”>

<cross-domain-policy>

<site-control permitted-cross-domain-policies=“master-only”/>

<allow-access-from domain=“" to-ports="” />

<allow-access-from domain=“" to-ports="” />

</cross-domain-policy>

Yet there is security error…

Can anyone help me?

What does your connection events and socket policy load events return? How are you serving the socket policy file?

Hello sir,

When i use socket.connect it fires neither of events nor connected event nor progressevent.socket_data event and after 3-4 seconds if i explicitly check is server connected by socket.connected it returns false.

When i run this in browser and check in debugger then i get following errors

Firstly i get

[COLOR="Red"]Warning: [strict] Ignoring policy file at xmlsocket://domain.com:21 due to incorrect syntax. See [Policy file changes in Flash Player 9 and Flash Player 10 | Adobe Developer Connection](http://www.adobe.com/go/strict_policy_files) to fix this problem.[/COLOR]

 and then i get error

 [COLOR="Red"]Error: Request for resource at xmlsocket://domain.com:21 by requestor from http://domain.com/test/uploads/Uploader_cs4.swf is denied due to lack of policy file permissions[/COLOR]

 then finally it gives this error

 [COLOR="Red"]Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://domain.com/test/uploads/Uploader_cs4.swf cannot load data from domain.com:21.[/COLOR]

  And sir what do u mean by socket policy load events..??? I load my policy file through Security.loadPolicyFile()

The security policy file doesn’t actually get loaded until you open the socket, at which points the events surrounding that operation will indicate whether it was successful or not - in your case the first warning tells you this. I seem to remember issues I have had in the past with serving policy files as I think they may have to finish with a null byte and not be served over certain common ports.

Hello sir,

  I did not get you. By this do you mean that my crossdomain.xml should end with null byte...??? I am passing policy file as 

Security.loadPolicyFile(“xmlsocket://domain.com:21”);

I am passing crossdomain file over port 21 and it is xml file at root level…

and i tried other ports in flash IDE but then if i use another port it even does not connect to ftp in flash IDE…

The policy file needs to be -served- by a socket server, you can’t just make a request to any other web server which will try and transact with its own protocol. The easiest way to do this is to use an extra module of your existing server e.g http://www.beamartyr.net/articles/adobepolicyfileserver.html

Hello sir,

  How to serve policy file over socket....??? means to write policy file content on socket....???

Yes

Hello sir

  I tried with even writing crossdomain file content on socket by socket.writeUTFBytes() but it isnt working.. I wrote this content on both socket immediately after connecting but still it continues to give security error...

You need to load the socket policy file from a socket server, you can’t ‘self write’ it from within the swf

Hello sir,

   I could not get you...Means how to load policy file from server...? can you give me some example of it....?

The url I posted earlier in the thread has an example for apache. There’s perl and python examples here: Setting up a socket policy file server | Adobe Developer Connection