安全沙箱违规:缺乏策略文件权限
我正在使用 as3httpclientlib 将数据发布到我的网络服务,但我不断 遇到以下安全违规。有谁知道如何解决这个问题? 我的 crossdomain.xml 文件位于安全违规通知下方。
注意:我使用 apache 来代理对 Web 服务的请求,因此目标 url/端口和为小程序提供服务的 url/端口是相同的 - 即 http://192.168 .100.101。此外,crossdomain.xml 文件位于 Web 应用 的根目录中,该应用程序为小程序而不是 Web 服务 提供服务;但是,由于请求是代理的,因此文件的 url 为 http://192.168.100.101/crossdomain.xml
* 安全沙箱违规 * 连接到 192.168.100.101:80 已停止 - 不允许 http://192.168.100.101/com-web/flex/ComUi.swf错误:请求资源位于 xmlsocket://192.168.100.101:80 通过 请求者来自 http://192.168.100.101/com-web/flex/ComUi.swf 由于缺乏政策文件而被拒绝 权限。
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
<allow-access-from domain="*" to-ports="80, 8080" />
</cross-domain-policy>
谢谢。
I'm using as3httpclientlib to post data to my web service, but I'm continually
getting the following security violation. Does anyone know how to resolve this?
My crossdomain.xml file is below the security violation notice.
NOTE: I'm using apache to proxy requests to the web service, therefore the target url/port and the url/port serving the applet are the same -- i.e. http://192.168.100.101. Also, the crossdomain.xml file is located in the root of the web app which serves the applet rather the web service; however, since the requests are proxied the url for the file is http://192.168.100.101/crossdomain.xml
* Security Sandbox Violation * Connection to 192.168.100.101:80
halted - not permitted from
http://192.168.100.101/com-web/flex/ComUi.swf Error: Request for resource at
xmlsocket://192.168.100.101:80 by
requestor from
http://192.168.100.101/com-web/flex/ComUi.swf
is denied due to lack of policy file
permissions.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
<allow-access-from domain="*" to-ports="80, 8080" />
</cross-domain-policy>
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您是否尝试使用 WireShark 对其进行调试,看看应用程序是否在端口 843 上发送请求以及服务器是否通过套接字发回响应?您的帖子中并不完全清楚您是否已经使用服务器应用程序来提供策略文件,如果没有,您应该,无论如何,下面的链接应该有所帮助。
如果您需要有关工作原理的更多信息,可以查看此
Did you tried to debug it with WireShark, see if the app sends the request on port 843 and if the server sends back the response via socket? It was not totally clear in your post if you already use a server app to serve the policy file, if not, you should, either the way, the link below should help.
If you need more info about how things work, you can check out this