使用 Flex 从 https 地址加载策略文件

发布于 2024-10-13 03:32:01 字数 3184 浏览 5 评论 0原文

我在尝试从 httprequest 到 https 地址获取结果时遇到了巨大的困难。 我正在从该地址加载策略文件,但仍然收到 2048 安全错误。

我像这样在预初始化处理程序中加载我的策略文件。

private function preint(e:FlexEvent):void
            {
                Security.loadPolicyFile("https://api.soundcloud.com/crossdomain.xml");
            }

我的服务器给我返回一个我需要的特殊令牌,然后我尝试使用 urlrequest 和 urlloader 向我需要的资源发出请求。

private function getprivatetracks():void
        {
                var url:String=new String("https://api.soundcloud.com/me/tracks?oauth_token=" + testapplicationparameters["oauth_token"])
            var req:URLRequest=new URLRequest()
            req.contentType="application/x-www-form-urlencoded"
            req.method=URLRequestMethod.GET;
            req.url=url;

            var loader:URLLoader=new URLLoader()
            loader.dataFormat=URLLoaderDataFormat.TEXT;
            loader.dataFormat="text";
            loader.load(req);
            configureListeners(loader);


        }

如果我找出我正在调用的网址并将其粘贴到浏览器中,我可以很好地看到结果。这纯粹是一个闪光的东西。 当我从 Flex IDE 以调试模式运行 swf 时,请求工作正常。仅当 swf 位于服务器上时才会出现此问题。

我花了一天中最好的时间来敲脑袋试图解决这个问题。

有人可以建议我可能做错了什么吗?

我猜我缺乏一些关于 flash 如何处理 https 的基本知识。

编辑1

Error: Request for resource at https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r by requestor from http://myserver/content/flash/soundcloud/sclive.swf is denied due to lack of policy file permissions.

*** Security Sandbox Violation ***
Connection to https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r halted - not permitted from http://myserver/content/flash/soundcloud/sclive.swf
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://myserver/content/flash/soundcloud/sclive.swf cannot load data from https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r.
    at sclive/getprivatetracks()[C:\flex_projects\sclive\src\sclive.mxml:74]
    at sclive/authorize_result_handler()[C:\flex_projects\sclive\src\sclive.mxml:62]
    at flash.events::EventDispatcher/dispatchEventFunction()
    at flash.events::EventDispatcher/dispatchEvent()
    at HTTPOperation/http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\http\HTTPService.as:763]
    at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal::resultHandler()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\AbstractInvoker.as:263]
    at mx.rpc::Responder/result()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\Responder.as:46]
    at mx.rpc::AsyncRequest/acknowledge()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\AsyncRequest.as:74]
    at DirectHTTPMessageResponder/completeHandler()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\messaging\channels\DirectHTTPChannel.as:409]
    at flash.events::EventDispatcher/dispatchEventFunction()
    at flash.events::EventDispatcher/dispatchEvent()
    at flash.net::URLLoader/onComplete()

编辑2

我尝试捕获安全错误事件并检查网址以确保没有重定向,但处理程序永远不会被调用!尽管我已经为其编写了处理程序,但我总是收到未处理的异常错误。

I'm having an epic amount of difficulty trying to get a result from a httprequest to a https address.
I'm loading a policy file from the address but I'm still getting the 2048 security error.

I load my policy file like so in my preinitilize handler.

private function preint(e:FlexEvent):void
            {
                Security.loadPolicyFile("https://api.soundcloud.com/crossdomain.xml");
            }

My server gives me back a special token I need and then I try to make a request to the resource I need using a urlrequest and urlloader.

private function getprivatetracks():void
        {
                var url:String=new String("https://api.soundcloud.com/me/tracks?oauth_token=" + testapplicationparameters["oauth_token"])
            var req:URLRequest=new URLRequest()
            req.contentType="application/x-www-form-urlencoded"
            req.method=URLRequestMethod.GET;
            req.url=url;

            var loader:URLLoader=new URLLoader()
            loader.dataFormat=URLLoaderDataFormat.TEXT;
            loader.dataFormat="text";
            loader.load(req);
            configureListeners(loader);


        }

If I trace out the url I'm calling and paste it into a browser I can see the result fine. It's purely a flash thing.
When I run the swf in debug mode from the flex IDE the request works fine. The problem only occurs when the swf is on a server.

I've spend the best part of a day banging my head trying to figure this out.

Could somebody suggest what I might be doing wrong?

I'm guessing I'm lacking some fundamental knowledge about how flash deals with https.

EDIT 1

Error: Request for resource at https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r by requestor from http://myserver/content/flash/soundcloud/sclive.swf is denied due to lack of policy file permissions.

*** Security Sandbox Violation ***
Connection to https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r halted - not permitted from http://myserver/content/flash/soundcloud/sclive.swf
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://myserver/content/flash/soundcloud/sclive.swf cannot load data from https://api.soundcloud.com/me/tracks?oauth_token=0000000NBfKiNXEYG00FWTUGAy5Uw68r.
    at sclive/getprivatetracks()[C:\flex_projects\sclive\src\sclive.mxml:74]
    at sclive/authorize_result_handler()[C:\flex_projects\sclive\src\sclive.mxml:62]
    at flash.events::EventDispatcher/dispatchEventFunction()
    at flash.events::EventDispatcher/dispatchEvent()
    at HTTPOperation/http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\http\HTTPService.as:763]
    at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal::resultHandler()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\AbstractInvoker.as:263]
    at mx.rpc::Responder/result()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\Responder.as:46]
    at mx.rpc::AsyncRequest/acknowledge()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\rpc\AsyncRequest.as:74]
    at DirectHTTPMessageResponder/completeHandler()[C:\autobuild\3.5.0\frameworks\projects\rpc\src\mx\messaging\channels\DirectHTTPChannel.as:409]
    at flash.events::EventDispatcher/dispatchEventFunction()
    at flash.events::EventDispatcher/dispatchEvent()
    at flash.net::URLLoader/onComplete()

EDIT 2

I've tried catching the security error event and checking the url to make sure theres no redirects going on but the handler never gets called! I always get the unhanled exception error even though I've written a handler for it.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

农村范ル 2024-10-20 03:32:01

出于安全原因,不建议允许 HTTP 内容访问 HTTPS 内容。
因此,如果 soundcloud 希望允许 HTTP 内容访问其数据,他们应该在 crossdomain.xml 中指定它(在allow-access-from 标记中使用属性 secure="false")。

但是,我刚刚注意到 http 上还有一个跨域:
http://api.soundcloud.com/crossdomain.xml

所以我建议您使用这个URL而不是 HTTPS,它应该可以工作

It is not advisable to permit HTTP content to access HTTPS content for security reasons.
So, if soundcloud wants to allow HTTP content to access its data, they should specify it in their crossdomain.xml (using the attribute secure="false" in the allow-access-from tag).

However, I've just noticed there is also a crossdomain on http :
http://api.soundcloud.com/crossdomain.xml

So I suggest you to use this URL instead of the HTTPS and it shloud work

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文