0

I have developed a flex component which I am using on salesforce visualforce page. When I run that flex component on local machine it works fine. But when I run i through salesforce page it says

*** Security Sandbox Violation ***
Connection to https://ap1.salesforce.com/services/async/28.0/job/750900000004QUe/batch halted - not permitted from https://ashcloud.ap1.visual.force.com/resource/1375959623000/ashcloud__Flash/Salesforce_Bulk_Upload.swf
httpStatusHandler: [HTTPStatusEvent type="httpStatus" bubbles=false cancelable=false eventPhase=2 status=0 redirected=false responseURL=null]
securityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2170: Security sandbox violation: https://ashcloud.ap1.visual.force.com/resource/1375959623000/ashcloud__Flash/Salesforce_Bulk_Upload.swf cannot send HTTP headers to https://ap1.salesforce.com/services/async/28.0/job/750900000004QUe/batch."]

Please note that I have already loaded Salesforce cross-domain file from by:

Security.loadPolicyFile("https://www.salesforce.com/services/crossdomain.xml");

Security.loadPolicyFile("https://www.force.com/services/crossdomain.xml");

which shows warning on console:

Warning: Domain www.force.com does not explicitly specify a meta-policy, but Content-Type of policy file https://www.force.com/crossdomain.xml is 'text/x-cross-domain-policy'.  Applying meta-policy 'by-content-type'.

Warning: Domain www.salesforce.com does not explicitly specify a meta-policy, but Content-Type of policy file https://www.salesforce.com/crossdomain.xml is 'text/x-cross-domain-policy'.  Applying meta-policy 'by-content-type'.

When flex component try to hit Salesforce Bulk API it show me security error. How can i hit API from flex component and resolve this security issue?

Thanks

Ashwani
  • 3,463
  • 1
  • 24
  • 31
  • 2
    You are loading the crossdomain from the www subdomains and calling the ap1 subdomain. Don't you need to load https://ap1.salesforce.com/crossdomain.xml ? – Christophe Herreman Aug 08 '13 at 15:30
  • Since the force.com crossdomain file prompts me to download it instead of displaying in the browser; is it possible that the force.com domain is incorrectly configured and that is causing flash an error? If you're properly loading the files w/ the loadPolicyFile() methid, this is probably not the case. – JeffryHouser Aug 08 '13 at 16:06
  • @Reboog711 force.com/salesforce.com cross-domain file is ` ` I am loading it by `Security.loadPolicyFile("https://www.salesforce.com/services/crossdomain.xml"); Security.loadPolicyFile("https://www.force.com/services/crossdomain.xml");` Please tell me if this not the right way. – Ashwani Aug 09 '13 at 07:25

0 Answers0