Cross-Domain Policy File

Similar Messages

• Load XML file from addon domain without cross-domain Policy file

  Hello.
  Assuming that there are two addon domains on the same server: /public_html/domain1.com       and      /public_html/domain2.com
  I try to load XML file from domain2.com into domain1.com without using cross-domain policy file (since it doesn’t work on xml files in my case).
  So the idea is to use php file in order to load XML and read it back to flash.
  I’ve found an interesting scripts that seems to do the job but unfortunately I can't get it to work. In my opinion there is somewhere problem with AS3 part. Please take a look.
  Here are the AS3/PHP scripts:
  AS3 (.swf in www.domain1.com):
  // location of the xml that you would like to load, full http address
  var xmlLoc:String = "http://www.domain2.com/MyFile.xml";
  // location of the php xml grabber file, in relation to the .swf
  var phpLoc:String = "loadXML.php";
  var xml:XML;
  var loader:URLLoader = new URLLoader();
  var request:URLRequest = new URLRequest(phpLoc+"?location="+escape(xmlLoc) );
  loader.addEventListener(Event.COMPLETE, onXMLLoaded);
  loader.addEventListener(IOErrorEvent.IO_ERROR, onIOErrorHandler);
  loader.load(request);
  function onIOErrorHandler(e:IOErrorEvent):void {
      trace("There was an error with the xml file "+e);
  function onXMLLoaded(e:Event):void {
      trace("the rss feed has been loaded");
      xml = new XML(loader.data);
      // set to string, since it is passed back from php as an object
      xml = XML(xml.toString());
      xml_txt.text = xml;
  PHP (loadXML.php in www.domain1.com):
  <?php
  header("Content-type: text/xml");
  $location = "";
  if(isset($_GET["location"])) {
      $location = $_GET["location"];
      $location = urldecode($location);
  $xml_string = getData($location);
  // pass the url encoded vars back to Flash
  echo $xml_string;
  //cURLs a URL and returns it
  function getData($query) {
      // create curl resource
      $ch = curl_init();
      // cURL url
      curl_setopt($ch, CURLOPT_URL, $query);
      //Set some necessary params for using CURL
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     //Execute the curl function, and decode the returned JSON data
      $result = curl_exec($ch);
      return $result;
      // close curl resource to free up system resources
      curl_close($ch);
  ?>

  I think you might be right about permissions/settings on the server for php. Unfortunately I'm not allowed to adjust them.
  So I wrote my own script - this time I used file path instead of http address of the XML file.  It works fine in my case.
  Here it is:
  XML file on domain2.com:
  <?xml version="1.0" encoding="UTF-8"?>
  <gallery>
      <image imagePath="galleries/gallery_1/images/1.jpg" thumbPath="galleries/gallery_1/thumbs/1.jpg" file_name= "1"> </image>
      <image imagePath="galleries/gallery_1/images/2.jpg" thumbPath="galleries/gallery_1/thumbs/2.jpg" file_name= "2"> </image>
      <image imagePath="galleries/gallery_1/images/3.jpg" thumbPath="galleries/gallery_1/thumbs/3.jpg" file_name= "3"> </image>
  </gallery>
  swf  on domain1.com:
  var imagesXML:XML;
  var variables:URLVariables = new URLVariables();
  var varURL:URLRequest = new URLRequest("MyPHPfile.php");
  varURL.method = URLRequestMethod.POST;
  varURL.data = variables;
  var MyLoader:URLLoader = new URLLoader;
  MyLoader.dataFormat =URLLoaderDataFormat.VARIABLES;
  MyLoader.addEventListener(Event.COMPLETE, XMLDone);
  MyLoader.load(varURL);
  function XMLDone(event:Event):void {
      var imported_XML:Object = event.target.data.imported_XML;
      imagesXML = new XML(imported_XML);
     MyTextfield_1.text = imagesXML;
     MyTextfield_2.text = imagesXML.image[0].attribute("thumbPath");  // sample reference to attribute "thumbPath" of the first element
  php file on domain1.com:
  <?php
  $xml_file = simplexml_load_file('../../domain2.com/galleries/gallery_1/MyXMLfile.xml');  // directory to XML file on the same server
  $imported_XML = $xml_file->asXML();
  print "imported_XML=" . $imported_XML;
  ?>
  Regards
  PS: for those who read the above discussion: the first and the second script work but you must test which one is better in your situation. The first script will also work between two domains on different servers. No cross domain policy file needed.

• Cross domain policy file and BitmapData

  Hey guys and gals, I'm having an issue with a Security error
  when trying to access photos from an external site. I have a client
  who is at siteA.com, who wants to load in photos from siteB.com,
  siteC.com, and probably 100 other sites. He has permission to do so
  from the other sites, but doesn't want to go through all the
  trouble of asking each site to post a cross-domain policy file.
  Please correct me if I'm wrong, but the way I understand it is, if
  you want to simply load an image into a Loader object within a swf,
  you're ok, but if you want to access the BitmapData, you will then
  get a security error? My snippet of code that I believe is causing
  the security error is
  public function imageLoaded(e:Event):void {
  var image:Bitmap = Bitmap(e.target.loader.content);
  image.smoothing = true;
  imageContainer.addChild(e.target.loader);
  As you can tell, the reason why I want to access the Bitmap
  itself is to apply smoothing. That is my main concern, I want to be
  able to apply smooth transitions to these pictures that are loaded
  in from external sites. My main goal is to load images externally,
  then apply smooth transitions, so if you know of a way to get
  around the security violations, that would be great. The only
  work-around we have for this is to write a script that will load
  all the images from the external sites onto the local server, as
  this will be less work than getting the cross-domain policy file on
  each server (if that's what it takes). Thanks in advance for
  anybody who can shed some light on the subject.

  If I understand you correctly, a 'helper' swf would be on the
  site where the images are held, much like a cross-domain policy
  file? I don't understand how that would be much different than
  getting the external sites to add a cross-domain policy file on
  their server. It sounds easier to just throw the cross-domain
  policy file on the external site's server with '*' for the path of
  allowed directories to load images from. I'm pretty new to the
  cross-domain security issue, so I'm not sure. I don't understand
  why it's a security risk to access the pixels of an image either...
  anybody know about that? Just trying to figure out where to go from
  here on this project. Thanks for the reply GWD, still looking for
  some more feedback.

• Error 2170 in Cross Domain Policy deployed in Enterprise Portal

  Hi All,
  We are facing an Error # 2170 for the Cross Domain Policy in Enterprise Portal.
  We developed the dashboard using 2 web service connections (using ECC Remote Enabled Functon Module). The Web services were made Public so that they can be accessed from any network. We developed the dashboard using the public enabled webservices and exported to the SWF file which is working fine.
  But when we place the dashboard SWF file in the Enterprise portal it gives the error " Cross Domain Policy Error #2170" .
  We Placed the Cross domain Policy file in ECC Server in the root directory and placed the same in Enterprise portal C drive.
  But still it shows the same error when we preview the dashboard in Enterprise Portal.
  The Cross Domain Policy File that we are using is as follows:
  -<cross-domain-policy> <site-control permitted-cross-domain-policies="all"/>
              <allow-access-from secure="false" to-ports="" domain=""/>
             <allow-http-request-headers-from secure="false" domain="" headers=""/>
             <allow-https-request-headers-from secure="false" domain="" headers=""/>
  </cross-domain-policy>
  Please let us know if the cross doamin file is correctly coded and suggest us with suitable solutions for this problem. Also let us know if there is some alternative solution to this issue.
  Thanks,
  Malla Reddy D

  Hello Malla,
  Maybe SAP Note 1240810 helps... Anyway, I would say that if your issue is with the direct SAP NW BI connection, through BICS, the only file which is relevant is bicsremotecrossdomain.xml, which should be located on your server HTTP root.
  Another check you can perform is if you have both portal certificate entries as per SAP Note 1508663.
  Kind Regards,
  Marcio

• Cross domain policy issues

  I am attempting to communicate with a web service via flash
  across sub domains. All works fine and dandy on my local machine,
  but when i upload to my web server there is no communication across
  the domains. The way the servers are configured, i don't have
  access to the root of the domain to place the crossdomain.xml in
  the default location, so i have it in the folder next to the web
  service and link to it directly shown below. I have this line on
  the first frame of the first layer of my file
  quote:
  System.security.loadPolicyFile("MYDOMAIN/StudentConnect2Apply/crossdomain.xml");
  The server containing the flash file is insecure and the web
  service is secure (https). this is what my crossdomain.xml file
  looks like:
  quote:
  <cross-domain-policy>
  <allow-access-from domain="*.MYDOMAIN.net"
  secure="false"/>
  </cross-domain-policy>
  I have also enabled logging within my flash player to track
  down problems, when i initially load the page in the browser, it
  approves the policy file:
  quote:
  OK: Policy file accepted:
  https://MYDOMAIN/StudentConnect2Apply/crossdomain.xml
  But after submitting the form and attempting to interact with
  the web service, i get an error saying permission is denied due to
  lack of policy file permissions and
  quote:
  Warning: Failed to load policy file from
  MYDOMAIN/crossdomain.xml
  It is looking in the root of the domain after i defined and
  it accepted the overridden location. Is there another way to define
  where the crossdomain.xml file is located that i am missing,
  possibly in the web service settings somewhere?

  I have found my answer, thanks to another forum.
  Meta-Cross Domain Policies.
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_03.html
  Basically I can now say "f*ck you adobe. I as a college
  student who likes to host things on my 150 MB of server space can
  no longer host XML formatted levels for games I write. Because I am
  not the administrator of the server and will never be able to
  convince the administrator to let me have the MCDP file allow my
  flash file to load it's levels."
  F*ck you Adobe, F*ck You.

• I am developing a flex web application which needs to access Other domain ,is there any other way other than cross domain policy available ? please help

  i am developing a flex web application which needs to access Other domain (Payment Gateway API),is there any other way other than cross domain policy available ? please help.
  we donot have access other domain thats why we want other solution..

  All the paths to CFCs are the same in my live production site.  Can you be more specific as to what you mean by "RemoteClass aliases in your AS Classes and CFCs (if any) are correct."?  How will the app know that the CFC is on http://myLiveSite.com instead of http://myDevSite.com?  The only line of code that I have noticed that points to a URL is the endpoint in a file called _Super_XXX.as.  And at the top of that file it says that the file is not meant for editting.
  To clarify...I see your app/code all exists on a server access via a web browser so I can understand that everything still works when deployed.  Mine is a mobile app so when I am developing and testing on my local computer the URL points to my local development machine.  However when I deploy it to a mobile device like a tablet and run the app, it needs to be able to access a cfc on a remote server via a different URL ie. my http://myLiveSite.com/myCFC.cfc instead of http://localhost/myCFC.cfc
  Thanks for your help!  I will now take a look at your thread.
  Message was edited by: ace0215

• Spry JSONDataset and IE8 cross domain policy

  Hi,
  I'm using Spry JSON Dataset to retreive feeds of JSON data from Google Picasa and then show the results on our photo page. Works fine in Firefox but not in IE8. Is this a cross domain issue or is something else happening to stop the page rendering the spry regions in IE8? I know IE8 can be quite fussy at times.
  Debug tools in IE8 not the best (give me firebug any time)
  Page is here www.thehmc.co.uk/photonew.html
  Phil

  Hi,
  Now I've had time to play and got my head around what JSON-P really means - I've come up with a lightweight solution. Arnout thanks for your input as that sent me off on the right track.
  I noticed that Google can provide the JSON string wrapped in a callback function - see format below
  http://picasaweb.google.com/data/feed/api/user/thehmc.co.uk?kind=tag&alt=json-in-script&ca llback=testit&hl=en_GB
  Firstly I define my Spry JSONDataset as before but don't give it an url to load the data from
  var dsTags = new Spry.Data.JSONDataSet(null,{path:"feed.entry",  subPaths:["title","gphoto$weight"],sortOrderOnLoad: "ascending", sortOnLoad: "title.$t"} );
  So introducing the function below, which dynamically adds a script to the document body pointing top the url you pass it
  function makeRequest(sUrl) {
          var oScript = document.createElement("script");
          oScript.src = sUrl;
          oScript.async = true
          var done = false;
          oScript.onload = oScript.onreadystatechange = function()
              if ( !done && (!this.readyState || this.readyState === "loaded" || this.readyState === "complete") )
                done = true;
                 oScript.onload = oScript.onreadystatechange = null;
                 if ( oScript && oScript.parentNode )
                  oScript.parentNode.removeChild( oScript );
          document.body.appendChild(oScript);
  and then calling it, passing the url to the Google feed
  makeRequest("http://picasaweb.google.com/data/feed/api/user/thehmc.co.uk?kind=tag&alt=json-in-script&ca llback=testit&hl=en_GB");
  Function testit(root)
      dsTags.setDataFromDoc(root);
  Since the JSON string is already converted to a JSON object when it arrives at the callback function I had to change the JSONDataset function as below to not to try and parse if already an object
  Spry.Data.JSONDataSet.prototype.loadDataIntoDataSet = function(rawDataDoc)
      if (this.preparseFunc)
          rawDataDoc = this.preparseFunc(this, rawDataDoc);
      var jsonObj;
      if (typeof rawDataDoc == "object")
          jsonObj = rawDataDoc;
     else
          try    { jsonObj = this.useParser ? this.parseJSON(rawDataDoc) : eval("(" + rawDataDoc + ")"); }
          catch(e)
              Spry.Debug.reportError("Caught exception in JSONDataSet.loadDataIntoDataSet: " + e);
              jsonObj = {};
  This works a treat in IE8 and Firefox.
  I can see that your YQL version will be more flexible in terms of the number of feeds it'll be able to provide in JSON format but for now I just need this for Google Picasa.  Ideally I'd like a YQL version that retrieves the JSON string and then passes it to a user defined callback function to do with what it wants.
  I need to change my other JSON datasets but otherwise the page will be good to go soon enough.
  Cheers for your inputs
  Phil

• Cross domain error while displaying .SWF files in  portal

  Hi Experts,
  i am working on EP ,
  i am trying to display a .swf file in a iview but that file is  giving an error as
  Add a cross domain policy file to the external data web server
  this swf file is retriving data from BI system.
  Please suggest !!
  i got a solution of putting a crossdoaim.xml file in root directory but thats not possible

  I think two urls will work for you:
  Xcelsius SWF with QaaWS through SSL: Cannot access external data
  http://livedocs.adobe.com/flex/3/html/help.html?content=security2_04.html

• Cross Domain error for Silverlight + MVC application with self hosted WCF service on azure

  Hi,
  We are migrating existing Silverlight application to MVC; existing Silverlight application is hosted on
  Azure which is consuming self-hosted WCF service. For authentication we have implemented
  ADFS with WIF (passive). The cloud service (<myWebSite>.cloudapp.net) is C Name to (<myWebSite>.<myDomain>.com) and we 
  are consuming  WCF service at <myWebSite>.cloudapp.net/<myService>.svc, as we were getting “Cross Domain” error so we have added “clientaccesspolicy.xml” at the root of “WEB ROLE”.
  Existing Silverlight application works fine but the problem occurred when we deploy our migrated application to the same cloud service. We are getting a “Cross Domain” error.
  The same migrated application works fine on UAT environment, the only difference is UAT environment is
  without ADFS WIF implementation.
  Migrated application is half Silverlight and half MVC with initial landing page is Silverlight. MVC web role is used to host the service i.e. .SVC . To go to SL landing page , redirected from home controller. Following is being observed in fiddler for this
  application
  Existing Silverlight application -
  After authentication with ADFS it redirect to Silverlight landing page.
  Before calling service method it looks for “clientaccesspolicy.xml”
  In response header we are getting the content of “clientaccesspolicy.xml”
  And after this everything works fine
  Migrated Silverlight-MVC application –
  After authentication with ADFS it redirects to “HomeController” and from there we are redirecting to Silverlight landing page.
  Before calling service method it looks for “clientaccesspolicy.xml”
  In response header we are getting  following content - “https://federation-sts.<myDomain>.com/adfs/ls/?wa=wsignin1.0&amp;
  wtrealm=https%3a%2f%2f<myWebSite>.<myDomain>.com&amp;
  wctx=rm%3d0%26id%3dpassive%26ru%3d%252fclientaccesspolicy.xml&amp;wct=2014-03-17T10%3a36%3a04Z”
  4.Throw “Cross Domain” error.
  Also we have added filter in
  RouteConfig
  for .xml file
  routes.IgnoreRoute("{*allxml}",
  new { allxml = @".*\.xml(/.*)?" });
  NOTE: There is no configuration change apart from MVC configuration.
  We have done RDP to web role and found that “clientaccesspiolicy.xml” is present at “E:\approot” location and it is also accessible at “https://<myWebSite>.<myDomain>.com/clientaccesspolicy.xml”.
  Please help
  Thanks,
  Rahul P

  Hi,
  Please try to configure the cross domain policy file to allow public read access (that is, access it without federation requirement), make sure you can access the address
  http://something/clientaccesspiolicy.xml directly in a browser
  without redirecting to check whether the cross domain policy file could be anonymous accessed (Please start a new browser session and make sure you're
  not logged in. Then test the cross domain policy file.).
  Best Regards,
  Ming Xu
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Safari cross domain error

  I tired to access a web site via Safari that I previously was able to access; however, now I get the following message: "Cross Domain Error: Cross domain is not supported by this browser." Is there a plug-in or something else that would allow me access the site?

  Hi,
  Please try to configure the cross domain policy file to allow public read access (that is, access it without federation requirement), make sure you can access the address
  http://something/clientaccesspiolicy.xml directly in a browser
  without redirecting to check whether the cross domain policy file could be anonymous accessed (Please start a new browser session and make sure you're
  not logged in. Then test the cross domain policy file.).
  Best Regards,
  Ming Xu
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Endeca cross domain problem

  We are currently using Endeca Commerce 3.1 on a distributed environment with MDEX installed on one server and Experience Manager on another but both on the same domain.
  When we use the RecordSpotlight cartridge in Experience Manager the record selection radio buttons are greyed out.
  We followed the instructions under “Setting up a cross-domain policy file” under Appendix C in the “Tools and Framework Installation Guide” and added the following crossdomain.xml file under <MDEX_install_dir>/6.4.0/conf/dtd/xform but still the problem persists. We have also set the value of permitted-cross-domain-policies in the crossdomain.xml file to “none”, “master-only” and “all”. None of them solved the problem.
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*.mydomain.com" />
  <allow-access-from domain="*.mydomain.ca" />
  <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
  </cross-domain-policy>
  Could you please advise on how to enable those record selection radio buttons?
  Sincerely,
  Alex Luc

  It looks like I've solved it. The parent domain was
  sub-domain and I was leaving off the "
  http://" for the allowDomain argument. Once I
  added it, the swfs work.

• Xml Socket  policy to connect to a range of IPS cross domain scripting

  Dear,
  I have a problem with connecting to other servers rather the
  one who has served the swf file.
  i was facing the problem even on the same machine , so i have
  provided the policy file , to be served before opening the
  connection, and it works, but still in IE6 i was just skiping the
  requset-policy-file that is sent by the movie and it works, rather
  the other browsers didn't like this way. At that time i have
  written the code to check for the header , and send back the policy
  file.
  the policy file that i am using is the following:
  PolicyFile = @"<?xml
  version=""1.0""?><cross-domain-policy><allow-access-from
  domain=""192.168.1.100"" to-ports=""843""
  /><allow-access-from domain=""192.168.1.101""
  to-ports=""843"" /></cross-domain-policy>";
  My hope is to be able to connect to 192.168.1.101:843 , and
  my server web is the other ip .
  Best regerds

  Hi, go to
  Flash Resources , you can
  find a java application that can serve policy files to resolve this
  problem.

• Problem with socket cross domain

  Hi guys,
  This is my cross domain file:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
  <!-- Policy file for xmlsocket://socks.example.com -->
  <cross-domain-policy>
     <site-control permitted-cross-domain-policies="*"/>
     <allow-access-from domain="localhost" to-ports="80" />
  </cross-domain-policy>
  I am placing it in my server.
  From flex i am running this:
  Security.loadPolicyFile("my server address");
  And yet I am getting this event:
  SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048"
  What can I do?

  Hello ILikeMyScreenNameNdCoffee,
  I had the same problem with XMLSocket and I used a policy server that runs
  on the remote server on port 843 and from Flex I load file before connecting
  the xmlsocket Security.loadPolicyFile("my server address:843"). If you want
  I can upload a version of my policy server or you can use the server policy
  from here
  http://www.broculos.net/tutorials/how_to_make_a_multi_client_flash_java_server/20080320/en
  Also you can read here more about file policy:
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_04.html.
  On Thu, Aug 19, 2010 at 5:40 PM, ILikeMyScreenNameNdCoffee <[email protected]

• XMLSocket "Failed to load policy file" error

  I am trying to use an XMLSocket.swf file, and it is not connecting.  Do I need to open up a port on my server?  I am trying to run this on a dedicated remote Windows 2008 server.
  Here is the error from FlashFirebug:
       OK: Root-level SWF loaded: file:///C|/Users/vcaadmin/AppData/Roaming/Mozilla/Firefox/Profiles/70vbx4ys.default/exten sions/flashfirebug%40o%2Dminds.com/chrome/content/flashfirebug.swf
      OK: Root-level SWF loaded: http://speak-tome.com/flash/XMLSocket.swf
      OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://speak-tome.com:9997 by requestor from http://speak-tome.com/flash/XMLSocket.swf
      Error: Failed to load policy file from xmlsocket://speak-tome.com:9997
      Error: Request for resource at xmlsocket://speak-tome.com:9997 by requestor from http://speak-tome.com/flash/XMLSocket.swf has failed because the server cannot be reached.
  My crossdomain.xml is saved to the root of the web directory and looks like:
      <?xml version="1.0"?>
      <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
      <cross-domain-policy>
      <site-control permitted-cross-domain-policies="master-only"/>
      <allow-access-from domain="*"/>
      <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
      </cross-domain-policy>
  I notice that both ports 843 and 9997 are closed for my domain (speak-tome.com - 72.167.253.16) when I check using a service such as yougetsignal.com/tools/open-ports.  Do I need to get these ports open to get the policy file to work?

  As a test, I uploaded my Flash/Gaia site into an existing site on my old host.  And although the site actually works in this setting, when I run things in the FlashPlayerDebugger, I'm still getting Security Sandbox Violations - so (as adninjastrator suggested in earlier post), this may have nothing to do with the DNS changes - but perhaps with my setting things up wrong somewhere so that the Flashplayer is trying to access my local computer - maybe??
  Debugger logs gives me this:
  Error: Failed to load policy file from xmlsocket://127.0.0.1:5800
  Error: Request for resource at xmlsocket://127.0.0.1:5800 by requestor from http://recreationofthegods.com/bin/main.swf has failed because the server cannot be reached.
  *** Security Sandbox Violation ***
  So, I've now uploaded the identical bin (which contains all the files for my site) - but I'm getting different behaviors on the two hosts.
  On the new holistic servers, the site won't go past the first page:  www.yourgods.com
  On the 1&1 servers, I still get runtime errors in FlashPlayerDebugger - but the site runs ok - http://www.RecreationOfTheGods.com/bin/index.html
  Posting those links in hopes someone with more experience in these sandbox issues can help steer me in the right direction.

• Cross Domain XML not working

  Greetings,
  I recently obtained two different domains that point to a subdirectory of another domain server. The swf file I created does not show up when I use the domains that are pointing to the subdirectory of the original domain.
  I placed an xml file into the root directory that contains the following code:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
      <allow-access-from domain="*.newdomainname1.com"/>
      <allow-access-from domain="*.newdomainame2.com"/>
  </cross-domain-policy>
  Nothing shows up. Is there something else I need to do make this work? I created the swf file using CS3 - Action Script 2. I tried searching everywhere to see if I'm missing a step, but cannot find anything. Any help would be greatly appreciated.

  I'm still not entirely clear what the problem is.
  Those links to the other domain show 404 errors, which is related to how things are set up on your hosting server for those domains, and nothing to do with flash.
  Are you trying to get the swf at http://www.searecovery.com/ to load data from the other domains? (I can't see it trying to do that, so perhaps not)
  If so you need to add *.searecovery.com to the crossdomain files at the other domains.
  Crossdomain files give flash content (swfs) hosted at one domain access to load data (or grant access to the data of loaded assets) from another domain.
  So you need crossdomain permission if you want a swf hosted at www.danfoss-searecovery.com to load xml data from www.danfosssearecovery.com for example, or to get at the bitmapdata of jpgs loaded from www.danfosssearecovery.com.
  If you just want to host the swf at the other domain, and if it's not loading data from external domains, then you pretty much just need to move copies of the html and swf there along with any external assets it loads (so long as you have used relative urls for loaded assets from within the swf) . If that's what you're trying to do then the issue here is likely to be simply how your hosting environment is set up for the other domains.