Stack Overflow
Stack Overflow

Questions tagged [crossdomain.xml]

A cross-domain policy file is an XML document that grants a web client—such as Adobe Flash Player, Adobe Reader, etc.—permission to handle data across multiple domains.

A cross-domain policy file (crossdomain.xml) is an XML document that grants a web client—such as Adobe Flash Player, Adobe Reader, etc.—permission to handle data across multiple domains.

216 questions
0
votes
1 answer

Flash crossdomain.xml on Tomcat 8 at port 8080

On my local Tomcat 8 I added crossdomain.xml as explained here: Where do I put a crossdomain XML in Tomcat? I did the check and I can see http://localhost:8080/crossdomain.xml from the browser. But when I try to send a request from an swf in one…
rapt
  • 11,810
  • 35
  • 103
  • 145
0
votes
1 answer

Can Flash load static .JPG files without crossdomain.xml policies?

I'm doing a Flash Banner for an ADv campaing. Since the max swf file size allowed is very low, I'm trying to load external JPG images from the main server. Reading the crossdomain policies for Flash movies I see that: You cannot load variables or…
null
  • 2,080
  • 26
  • 37
0
votes
1 answer

Flex HTML Post Error - Security Problem?

I have a swf that I have created that make a few HTML posts. When I run and compile the swf locally, it successfully makes posts to my php code hosted on my domain. However when I then upload my swf to my domain, and then alter the embed tag to have…
Ryan
  • 165
  • 1
  • 11
0
votes
1 answer

CSRF Bypass using ActionScript via weak CrossDomain.xml

I have a target which has weak CrossDomain.xml but it prevents CSRF attack looking at one of the custom HTTP headers. I found following actionscript on a couple of websites, which works perfectly except that it doesnt set the header. This…
shellcode
  • 31
  • 5
0
votes
0 answers

crossdomain.xml issue causing "send failed" error

In our environment we have both a primary and contingency server to ensure some continuity of operations in the event one site goes down. During testing of the contingency server we discovered a Flex based application will not allow users to login…
wblakenc
  • 464
  • 1
  • 5
  • 19
0
votes
1 answer

Specific File Allowed crossdomain.xml

How can I restrict access to only xml.php (or if not that then the path: /api/*) To any domain? I've only found how to do domains but not paths or files.
Johnny
  • 1,963
  • 4
  • 21
  • 24
0
votes
1 answer

Flash Security Exception in URLLoader (subdomain issue)

I'm working on a Flash magazine. When the magazine loads, it starts fetching all the needed images for the pages. However, I've run into a strange Security Issue :S. Let me try to explain... This is how everything is setup on the…
Ale Morales
  • 2,728
  • 4
  • 29
  • 42
0
votes
0 answers

tomcat crossdomain.xml not found 404

I'm running a web server that requires crossdomain.xml at the root of the tomcat server The current Tomcat folder configuration: webapps/ ROOT/crossdomain.xml web/server_files port 8080 Under web folder there is a file clientapp.jsp that…
royB
  • 12,779
  • 15
  • 58
  • 80
0
votes
1 answer

System.security.loadPolicyFile not loading from the custom location (Flash AS 2)

All, I'm trying to load a cross-domain policy file from a custom location (instead of the root). Specifically, the developer of a web service I'm trying to call has installed a cross-domain policy file on his server…
mattstuehler
  • 9,040
  • 18
  • 78
  • 108
0
votes
1 answer

What happens when Flash accesses an https resource?

If a swf located at http://example.com/test.swf makes a request to https://secure.com/webservice.xml, what happens? Adobe's documentation on cross domain policy files notes the "secure" attribute. secure: [HTTPS and Sockets only, optional]…
joelt
  • 2,672
  • 2
  • 24
  • 32
0
votes
0 answers

How to use or load flash file exists on different server

I want to use flash file stored on another server or repository. I am using below code in xsl to add flash file. https://www.***.com/docs/swf/Spreadsheet.swf The problem is I am unabele to create swfObject because that flash file is not getting…
Nitesh
  • 1,477
  • 5
  • 23
  • 34
0
votes
2 answers

Flash security sandbox: calling a Javascript that makes a call to a different site

Edit: I mixed a.com and b.com in my original post, I'll try to rephrase stuff correctly: A HTML page is loaded from a.com The HTML embeds a Flash client from b.com HTML contains a Javascript function that makes a connection to a.com, ie the origin…
fish
  • 1,050
  • 9
  • 13
0
votes
1 answer

Crossdomain error in Jw player

I'm getting this "Cannot access m3u8: cross domain access denied" error in my JW Player.There is already an crossdomain.xml file in the server I'm trying to access and I can't change it, Can anyone tell me if it's possible to force the player to…
Aravind
  • 461
  • 1
  • 5
  • 12
0
votes
1 answer

Flash Player is not working in domain, but working if i provided IP

I have developed a player in AS3. It is working if i provide the IP of the website. But, it is not working when i provide the full domain name. Even, i provide the crossdomain.xml for global access. Please suggest.
Shashi
  • 12,487
  • 17
  • 65
  • 111
0
votes
1 answer

Proxy script in PHP to circumvent missing crossdomain.xml - missing minor tweaks

1st the background - so that you see, that I'm not trying anything malicious: I have a flash app in the russian social network vkontakte.ru which displays user avatars. Until now my .swf file has been hosted at their domain, so that fetching and…
Alexander Farber
  • 21,519
  • 75
  • 241
  • 416
1 2 3
14 15