I'm at a loss. I can't figure out why Flash is not loading my policy file properly. I'm testing this from the Flash Debugger.
I've also tried from http://127.0.0.1:80/game (it sends a request to http://127.0.0.1:3014/socket.io/1/).
Security.loadPolicyFile('xmlsocket://127.0.0.1:843'); var r:URLRequest = new URLRequest(); r.url = httpProtocal+"://" + domain + "/socket.io/1/?time=" + new Date().getTime(); r.method = URLRequestMethod.POST; var ul:URLLoader = new URLLoader(r); ul.addEventListener(Event.COMPLETE, onDiscover); ul.addEventListener(HTTPStatusEvent.HTTP_STATUS, onDiscoverError); ul.addEventListener(IOErrorEvent.IO_ERROR , onDiscoverError);
The error:
> webSocketLog: policy file: xmlsocket://127.0.0.1:843 Error #2044:
> Unhandled securityError:. text=Error #2048: Security sandbox
> violation: file:///ude/game/bin-release/Game.swf cannot load data from
> http://127.0.0.1:3014/socket.io/1/?time=1359025067289. at
> com.pnwrain.flashsocket::FlashSocket()
Yet this works:
> echo -ne '<policy-file-request/>\0' | nc -v 127.0.0.1 843
Connection to 127.0.0.1 843 port [tcp/*] succeeded!
<?xml version='1.0' ?>
<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
<cross-domain-policy>
<allow-access-from domain='*' to-ports='*' />
</cross-domain-policy>
Specifying the absolute path to the crossdomain.xml doesn't work either. I can load this file in my browser.
> webSocketLog: policy file: http://127.0.0.1:843/crossdomain.xml
> Error #2044: Unhandled securityError:. text=Error #2048: Security
> sandbox violation: file:///ude/game/bin-release/Game.swf cannot load
> data from http://127.0.0.1:3014/socket.io/1/?time=1359025126138. at
> com.pnwrain.flashsocket::FlashSocket()
Not even this works (solution from a very popular blog post):
import flash.system.Security;
Security.allowDomain("http://127.0.0.1");
Here's the debugger policy file log:
> OK: Root-level SWF loaded:
> file:///ude/game/bin-release/Game.swf
> OK: Searching for <allow-access-from> in policy files to authorize
> data loading from resource at
> http://127.0.0.1:3014/socket.io/1/?time=1359026453454 by requestor
> from
> file:///ude/game/bin-release/Game.swf
> Error: [strict] Ignoring policy file at
> http://127.0.0.1:3014/crossdomain.xml due to missing Content-Type.
> See http://www.adobe.com/go/strict_policy_files to fix this problem.
> Error: Request for resource at
> http://127.0.0.1:3014/socket.io/1/?time=1359026453454 by requestor
> from
> file:///ude/game/bin-release/Game.swf
> is denied due to lack of policy file permissions. Warning: HTTP
> response headers not available on this platform. Strict policy file
> rules cannot be enforced. OK: Policy file accepted:
> http://127.0.0.1:843/crossdomain.xml
The interesting part here is that the OK: Policy file accepted
message comes AFTER the errors, even though I'm calling:
Security.loadPolicyFile('http://127.0.0.1:843/crossdomain.xml');
before the URLRequest
. So I moved the URLRequest
into a setTimeout, and now the log says:
> OK: Root-level SWF loaded:
> file:///ude/game/bin-release/Game.swf
> Warning: HTTP response headers not available on this platform. Strict
> policy file rules cannot be enforced. OK: Policy file accepted:
> http://127.0.0.1:843/crossdomain.xml OK: Searching for
> <allow-access-from> in policy files to authorize data loading from
> resource at http://127.0.0.1:3014/socket.io/1/?time=1359028255268 by
> requestor from
> file:///ude/game/bin-release/Game.swf
> Error: [strict] Ignoring policy file at
> http://127.0.0.1:3014/crossdomain.xml due to missing Content-Type.
> See http://www.adobe.com/go/strict_policy_files to fix this problem.
So, it seems to have loaded the 843 policy file fine, but then tries to load the port 3014 policy file (maybe checking for a sub-policy file?). Which is just a socket.io HTML page saying 'Welcome to socket.io'. It doesn't seem like it should fail for that reason..
I get this in the debugger alert:
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: file:///ude/game/bin-release/Game.swf cannot load data from http://127.0.0.1:3014/socket.io/1/?time=1359028255268.
at MethodInfo-3642()
at Function/http://adobe.com/AS3/2006/builtin::apply()
at SetIntervalTimer/onTimer()
at flash.utils::Timer/_timerDispatch()
at flash.utils::Timer/tick()
Any ideas much appreciated. Thank you!
The key for a succesfull connection and policy validation is:
1) Have a crossdomain.xml file in the same folder as your socket.io script.
2) Serve this crossdomain.xml through http in the same host:port where the socket.io server is running.
3) To achieve this you need to install the express framework besides socket.io. Using express and socket.io you can serve the crossdomain.xml through http and the connection sockets at the same time on the same port.
4) With this method, flash can find crossdomain.xml in the location in which initially seeks this policy file (the same host:port), avoiding the need to load a policy file from flash manually (you can disable loadPolicyFile)
Would be something like this:
I am not pro at policy files but this looks suspicious:
Seems like policy file is ignored because it has no or invalid Content-Type header.
From Adobe:
And this:
Also check you server why HTTP response headers are not available:
Hope this helps.