Why is Flash demanding a crossdomain.xml file when the .swf and http target are both on localhost?

Question

I\'ve got a small client/server test application where I have a Flex app that makes an HTTP request of a server app. The server app is a script running on my local machine, lis

Answer 1

Using the policyfile.txt I figured out that the policy file was denied because there was no Content-Type specified by the server. This explains why it was impossible to find anything blogged about it.

Hope this helps someone.

In Flex 4.5 Mac /Users/[YOUR_USER_NAME]/Library/Preferences/Macromedia/Flash Player/Logs>tail -f policyfiles.txt

Answer 2

It may be that although you have the same host and protocol between the client page and server, the different port causes Flash to fail the same-origin test and request the crossdomain.xml to see what it's allowed to do. I'm assuming the page hosting your Flash content is running on port 80? If that's the case, check out Wikipedia's article on the same origin policy (http://en.wikipedia.org/wiki/Same_origin_policy) for the details.

The crossdomain.xml doesn't seem to be too cumbersome for local testing and is pretty well documented on help.adobe.com. You can create a crossdomain.xml in the root of your website like this, which will allow all access:

<?xml version="1.0"?> 
<!-- http://localhost/site/crossdomain.xml --> 
<cross-domain-policy> 
    <site-control permitted-cross-domain-policies="all"/> 
    <allow-access-from domain="*" to-ports="*"/> 
</cross-domain-policy>

I wouldn't use the above for anything other than local development as you're basically allowing any domain to request content.

Hope this helps!