
Dreaded Crossdomain Issue

I seem to be having a problem getting Flex to accept my security policy. I’m running CentOS 5 with Apache and the crusty old Jabberd daemon (sorry - don’t have the memory for Java on this box). I’ve created a very simple application to test out XIFF. Here’s the main hunk of code:

    Security.loadPolicyFile("http://10.0.1.100/crossdomain.xml");

    connection = new XMPPConnection();
    connection.username = "blahblah";
    connection.password = "mypassword";
    connection.server = "10.0.1.100";
    connection.port = 5222;
    connection.addEventListener(LoginEvent.LOGIN, onLogin);
    connection.connect();

And here’s the love notes that I get back from Flex:

    [SWF] /~ssokol/webscribe/XMPP-debug/XMPP.swf - 792,611 bytes after decompression
    Warning: Domain 10.0.1.100 does not specify a meta-policy. Applying default meta-policy ‘master-only’. This configuration is deprecated. See http://www.adobe.com/go/strict_policy_files to fix this problem.
    Warning: [strict] Ignoring policy file at xmlsocket://10.0.1.100:5222 due to incorrect syntax. See http://www.adobe.com/go/strict_policy_files to fix this problem.
    *** Security Sandbox Violation ***
    Connection to 10.0.1.100:5222 halted - not permitted from http://localhost/~ssokol/webscribe/XMPP-debug/XMPP.swf
    Error: Request for resource at xmlsocket://10.0.1.100:5222 by requestor from http://localhost/~ssokol/webscribe/XMPP-debug/XMPP.swf is denied due to lack of policy file permissions.
    there was a security error of type: securityError
    Error: Error #2048: Security sandbox violation: http://localhost/~ssokol/webscribe/XMPP-debug/XMPP.swf cannot load data from 10.0.1.100:5222.
    [Unload SWF] /~ssokol/webscribe/XMPP-debug/XMPP.swf

Client is running in Firefox on my Mac. Server is running on the Linux box. Apache is dutifully serving up the crossdomain.xml file. Here’s what’s in it:

    <allow-access-from domain="*" to-ports="*" secure="false"/>

So the question is, why is this throwing a Sandbox Violation? It loads the policy. The policy says that anyone from any domain can talk to any port that will respond to it. What gives? Any help would be much appreciated.
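
An added example, not part of the original post: a small Python audit of a cross-domain policy like the one quoted above. It reports the missing meta-policy that the first warning in the log mentions and the wildcard grants in the `allow-access-from` line. Both policy documents and the `chat.example.com` origin are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the directive from the post, wrapped in the standard root element.
PERMISSIVE = """<cross-domain-policy>
  <allow-access-from domain="*" to-ports="*" secure="false"/>
</cross-domain-policy>"""

# Constructed sample: explicit meta-policy, one named origin, one port.
# chat.example.com is a placeholder origin, not a value from the post.
TIGHTENED = """<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="chat.example.com" to-ports="5222"/>
</cross-domain-policy>"""


def audit_policy(xml_text):
    """Return a list of findings for one Flash cross-domain policy document."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != "cross-domain-policy":
        return [f"root element is <{root.tag}>, expected <cross-domain-policy>"]

    findings = []
    # Only the file is inspected; a meta-policy sent as an HTTP header is not seen here.
    if root.find("site-control") is None:
        findings.append("no <site-control> meta-policy declared")
    for rule in root.iter("allow-access-from"):
        domain = rule.get("domain", "")
        ports = rule.get("to-ports")
        if domain == "*":
            findings.append('domain="*" grants access to every origin')
        elif domain.startswith("*."):
            findings.append(f'domain="{domain}" grants access to all subdomains')
        if ports is not None and "*" in ports:
            findings.append('to-ports="*" exposes every port')
        # secure defaults to true; false admits documents not loaded over HTTPS.
        if rule.get("secure", "true").lower() == "false":
            findings.append('secure="false" lets non-HTTPS content use the rule')
    return findings


if __name__ == "__main__":
    for name, text in (("permissive", PERMISSIVE), ("tightened", TIGHTENED)):
        print(name, audit_policy(text) or "no findings")
```
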