0

I'm trying to make a http request with the urlloader and urlrequest in as3. This gives an error of stream error 2032 and that is because the website doesnt allow urlrequests from Flash?

Anyway, why do this happend? How can I "fool" the website to just think this is a normal request made from a browser (firefox, chrome)? 

        var loader:URLLoader = new URLLoader();
        var request:URLRequest = new URLRequest("http://www.travian.com");

        loader.addEventListener(Event.COMPLETE, on_complete);
        loader.load(request);

EDIT: What im trying to ask is... How does the website know this is a http request from adobe air? And how do I make it look like a http request from Firefox/Chrome or whatever.

user3151165
  • 35
  • 6
  • what is the url you are hitting? can you try with another url like http://stackoverflow.com/ ? – mika Jan 27 '14 at 07:30
  • the url is the same as in the code example I gave. http://www.travian.com. Stackoverflow.com worked as it should. But I know this website (which is a game) travian.com will try to block these kinds of things to prevent bots/cheating. You can't get the website into a iframe either. I think my question is more general than just to as3, more: How do the website know it's a request from a adobe air program. And how do I hide this information. – user3151165 Jan 27 '14 at 09:49
  • Ok, I played around with "Modify Headers" for firefox and Wireshark. This: Referer: app:/Travian.swf <-- Header makes it fail. Read around and it seems as3 can't modify some specific header and not removing them either... Guess I can't do my project then? – user3151165 Jan 27 '14 at 11:16
  • Yeah you can set custom headers in AS3, what part is blocking the request? To me sounds like a server config issue more that a flash security stop. – mika Jan 27 '14 at 15:10
  • I would have suggested to look into crossdomain.xml, but since the server responds with 403, i would definitely look into the server config – mika Jan 27 '14 at 15:11
  • No AS3 can't modify all of the headers, some of the banned. The header "Referer" is making this, and that one seemed to be banned and cannot be modified. "403 Forbidden Request forbidden by administrative rules." is the message... What is crossdomain.xml? – user3151165 Jan 27 '14 at 17:28
  • By using the socket class you can create your own loader. With the socket class you can write any header you want. However this is most-likely not your issue. You are being denied because the request is not authenticated. – The_asMan Feb 10 '14 at 20:48

1 Answers1

0

Add a file called crossdomain.xml at the root of your public directory on your server.

It should point here: http://www.travian.com/crossdomain.xml

And should contain the following:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only" />
  <allow-access-from domain="*" secure="false" />
  <allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>
mika
  • 1,411
  • 1
  • 12
  • 23
  • I don't have the greatest understanding for this but... The website, Travian.com blocks anyone who access the site with a Referer in the http header. Is it possible to bypass this with the solution you wrote? – user3151165 Jan 27 '14 at 19:53
  • I think you need to look into server config - there is not much more i can do to help here. – mika Jan 27 '14 at 19:59