crossdomain.xml

I have a new site I am working on that is using adsense. It is https://viewing.nyc and very much a work in progress. I have some adsense ads displaying on the site already and they work -- ins the sense that they actually display ads -- but they output a ton of garbage in the Safari console. The message I constantly see is the classic: Blocked a frame with origin "https://googleads.g.doubleclick.net" from accessing a frame with origin "https://viewing.nyc". Protocols, domains, and ports must match. So, I have been playing around with it for a few days here and there, googling for solutions and

I've got a small client/server test application where I have a Flex app that makes an HTTP request of a server app. The server app is a script running on my local machine, listening on port 8001. The client is a swf that I am running locally, and uses mx.rpc.http.HTTPService to make the page request. The HTTPService is being set up as per below: _HttpService = new HTTPService(); _HttpService.url = "http://localhost:8001"; _HttpService.contentType = "text/xml"; When I make a basic page request, my server app is first receiving a "GET /crossdomain.xml HTTP/1.1" request, which is failing since I

I'm trying to get a bitmap/snapshot of a Wowza video stream playing on my client, like so: var bitmapData:BitmapData = new BitmapData(view.videoPlayerComponent.width, view.videoPlayerComponent.height); bitmapData.draw(view.videoPlayerComponent); When I do this, I get this error message: SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://localhost:51150/Resources/WRemoteWebCam.swf cannot access rtmp://localhost/videochat/smithkl42._default/. No policy files granted access. I presume the error comes from not being able to locate the appropriate crossdomain.xml file.

So let's say I have a site and I do not have a crossdomain.xml or clientaccesspolicy.xml on it. This means that people cannot access my site via Silverlight or Flash applications. But they can use, say cURL in PHP (or the equivalent in other languages) to get the information from my site and provide it to their Silverlight and Flash applications via REST or WebService, etc. Can someone explain exactly how these restrictions protect my site, e.g. from cross domain scripting? What are they protecting against that couldn't be done with PHP/cURL and equivalents which do have access to my site via

This is my crossdomain.xml that I put in the same folder of my Web.config : <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="all"/> <allow-access-from domain="*" secure="false" /> <allow-http-request-headers-from domain="*" headers="*" /> </cross-domain-policy> Although I can load using Security.loadPolicyFile("http://localhost:52090/crossdomain.xml") . When my swf try to comunicate with my local site (asp.net mvc) it says: Error #2048: Security sandbox

Does anyone have any experience with Java pulling data from another domain? Assuming my client has a minimum of 1.6.0_10, how likely is it for it to work. I've seen some posts saying it works, then others saying it doesn't, and still others saying it's broken in the later micro-updates. Any insight would be appreciated. Thanks, -Dan The crossdomain.xml in 6u10 has restricted functionality. It requires a policy allowing any code from any site to connect. See the documentation for more details. There has been at least one case where an early access release has broken crossdomain.xml , but fixed