Hi I'm trying a simple tutorial of retrieving RSS feeds from yahoo and keep getting this error:
RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Destination: DefaultHTTP"
I've seen some articles that say I need a crossdomain.xml file, but I don't really know how to set this file up and how to use it from the Flex SDK compiler (mxmlc).
Thanks
The crossdomain.xml file needs to live at the root of the server that you are accessing. If they have not put that there, then you are out of luck when running in the browser. It is part of an important security aspect of running in a browser sandbox (Silverlight has the same restriction). It is waived if you are running in Air (or pretty much anything out of the browser).
Lets say that you are trying to receive data from http://foo.com/rest/rss/all (or something like that). You can chec quickly to see if they allow cross-site scripting (XSC) by browsing to http://foo.com/crossdomain.xml. If it is not there, then you can't do it.
Still, the comments you got about more information would help us give you a better answer.
Related
Hi i have a flex file upload application over https it works fine on all IE browsers.
Recently a client with IE9 reported a complaint that she's not able to upload files.
I can see the error generated is IO Error #2038.
The adobe documentation says 2038 is File I/O Error.This error occurs when an application can't get file size, creation date or modification data using the FileReference API.
Can some one help me point out what could be the issue here.
All i can think of is browser issues like, browser cache, some new configuration in IE9 am unaware of or permission on the client directory.
Help will be much appreciated.
thanks
I suggest you to use Charles debugging proxy, which is must have tool for all Flash/Flex developers, and see the difference in IE8 and IE9. Maybe the problem is in some HTTP headers or something else.
I have a similar issue. Later I found out that upload feature doesn't work for latest version of flash player over https. Then I tried sending the upload requests via http instead of https. Now its working fine. Try this, it may help in your case aswell.
I've created a VBScript that collects event data from a Windows machine and stores it in a CSV file.
I want to upload this data via http back to our office server, but the file sizes are quite large. So i looked at some multipart/streaming solutions, but im told that if i initiate these file uploads programmatically, any http proxies or firewalls will block/deny the requests?
Can anyone confirm if that is indeed true, and what would a way to get around that?
I need to have a programmed solution in place to upload the files, and i cant rely on an end-user to manually invoke the upload (as i understand that would get around the firewall/http proxy issue)
Can anyone help or advise on this matter?
I found this previous answer, but wasnt sure if it applies to me? Is this solution programmatically imitating a browser file upload request, or will it ask the user to 'pick the file'?
Upload files with HTTPWebrequest (multipart/form-data)
To know if it will be blocked you would have to try it, if you have some code you tried we could help you with errors you encounter. Some general advise:
Compress the CSV before sending, the gains could be impressive.
Try to use a synchronising service like dropbox, it passes some firewalls if properly configured.
If security is not a big issue and the FTP port is open in the firewall you could try to transfer it with FTP, there are vbs scripts that do this but you will have to fiddle until it works.
If abolutely nothing else works you can use a regular browser and have a script interact with it. You could try it with the AutoIt ActiveX, don't try this with sendkeys.
If you are wanting to learn, try another language, it would be for more easy to do this in a language like Ruby which has far more options to use internet communication and handle proxy's etc.
I'm creating an ASP.NET application which uses Facebook Connect and fbml tags. It also uses the LinkedIn widget. When I run this app in any browser, there are no warnings and everything works. However, in IE, a message like this comes up:
Security Warning:
The current webpage is trying to open a site in your Trusted sites list. Do you want to allow this?
Current site:http://www.facebook.com
Trusted site:http://localhost
(same for LinkedIn.com). I know how to fix this from a client perspective and to stop the security warning showing up. However, is it possible to ensure this message doesn't come up as it could be off putting for users who don't know how to suppress this warning? I haven't tried uploading it to my webhost, so not sure if this message will appear for everyone in production. However, I always get it on my local machine.
(None of my pages use SSL, so I don't think that's the issue. I tried using FB's HTTPS urls but that didn't make a difference).
Thanks
I have come across the IE message many times. Whilst this might not be the case here I always check in Firebug to see if any requests are going to Https (using Net tab). If may be the case that something you are referencing is itself making a call to something else.
Often you get that message if you are serving an https page and then going to fetch an image over http.
Might not help but is the first thing I do in this situation.
I am developing a flex charting web application which gets data from csv files. This application is supposed to be installed on the website of a client. The client uses a web server management system where the URLs generated are pretty long and contain non-alphanumeric characters. An example is given below:
http://www.example.com/EXTERNAL/ORGANIZATION/0,,contentMDK:20135608~pagePK:64060242~piPK:64060289~theSitePK:299948,00.html
The problem is that on my test server, the application is running just fine. But when deployed on the client's site, the application and the charts load, but the CSV data fails to load. The error given is:
Input output error: IO_ERROR
I have tried both relative referencing (relative with respect to the swf file) and absolute reference to the URL of the csv file. But both approaches have failed.
Any ideas?
I would ideally like to stay away from absolute URLs since that would break down if the charts need to move to another location.
Thanks
Vinayak
Umm, I don't know what to say really. Not knowing much about the server I'll have to resort to a list of things I can think of. Some of these are admittedly just a stab in the dark. In general it appears that this is a server side issue and as a front end developer you can't be expected to solve this. I know that getting the application to work is the priority here, but if you don't have access to the server there not much you can do to this issue.
First let's eliminate the completely obvious. Is the file ending definitely supposed to be .html and not .csv?
My original thought was that the CMS is somehow blocking Flash from loading the content, but would allow a browser to access it. Since it won't allow that either there are three options that come to mind:
1) The server or the browser does something to the URL when you make the request. Try installing the LiveHTTPHeaders (link) add on for Firefox, that'll allow you to look at the raw HTTP requests and responses. There might be some server side redirects that affect the request. The HTTP Headers should help you with that too.
2) The .csv files are kept in a folder that the web server doesn't have read access to.
3) maybe you need to use HTTPS instead of HTTP. This would be a bit strange since you are getting the URL from the server in the first place. The clients server admin should be able to sort this out for you.
4) I'm not sure what would happen if the script that handles your request is Python. In Python the colons are directory separators, so that might throw the whole thing off.
5) The clients management system does something strange to the URL before it's handed to you. Although I'm not sure how you would test this.
That's it I think. I'm out of ideas for now. For the testing I would forget the flex application and just try the requests from the browser address bar first. Since the application is working on your test server the issue shouldn't be your code. When you get the requests to work on the browser, if they still don't work from Flex then it's your code.
I don't know how much it helps, but there is an as3 CSVLib available.
About the IOError, can you please paste the text ?
If you listen for the IOErrorEvent and trace event.text in the handler,
you should something similar to this:
Error #2035: URL Not Found. URL: yourFile.csv
HTH,
George
I want to go live with my site.
...but I need help with a security violation I am incurring.
I've seen various threads on this forum regarding a crossdomain.xml file to include and link to, but I don't get it... no matter what I try I still end up with the same result. You'll note below that it is not recommended to use crossdomain hacks.
FWIW, this only happens when I export a release build... I can load the php data w/out an issue in my debug/developing phase locally in Flex.
What gives? When I make a PHP based request for data I always get this error popping up:
Error #2044: Unhandled securityError:.
text=Error #2048: Security sandbox
violation:
http://alubow.com/jml_testing/viewable/alubow_project.swf
cannot load data from
http://www.alubow.com/jml_testing/foldergrab.php?ipath=assets/bitmap/portrait_thumbs/&tpath=assets/bitmap/portrait_imgs/.
at utils.php::DirectoryReader() at
alubow_project/newScroller() at
alubow_project/mainClickOut()
Is there code I need to add to get this to work? Do I need to configure the server I am using?
I will need to go live with this site soon and these errors I am getting both locally and serverside (via a browser) are unacceptable.
COULD THIS BE A PROBLEM WITH THE FLASH PLAYER I HAVE INSTALLED?
I have the debugger version of flash player 10.
jml
The problem is with the www prefix. I guess you are trying to load a page with out the www subdomain and the URL you are looking for does have that prefix.
Now, what you need to do is one of the following:
change the request url
add both www.yourdomain.com And yourdomain.com to the crossdomain.xml
call the url dymanicaly. this is the best solution but needs some more work. you can get it done using ExternalInterface and connection to JS here. OR you can use the BrowserManager.
Enjoy!
It may be because your app is requesting from www.alubow.com when hosted from alubow.com, which triggers a request for http://www.alubow.com/crossdomain.xml, which doesn't exist. You could refer to your app as www.alubow.com/jml_testing/viewable/alubow_project.swf and avoid the error.
Alternately, you could add a crossdomain.xml file to www.alubow.com.
I know this is weird but for local files loaded through the flash player you probably just need to hit this page. Look near the top right for something that looks like an example image. It's actually a Flex application. Click successive tabs until you read the Global Security Settings panel (currently 3rd from the left, with an image of a globe and padlock). Select the "Edit locations" menu, and choose "Add location". You can then add your swf or your folder of swf's into the whitelist and they'll be able to access outside resources magically.