Sandbox Error #2048

Similar Messages

• Error #2048: Security sandbox violation

  I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.
  I'm testing out Gumbo in my same environment (new workspace): WAMP based
  My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.
  Specifically:
  - I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)
  - I set method to POST and useProxy to false
  (<fx:Declarations>
          <s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>)
  - I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says
  body = (null)
    clientId = "DirectHTTPChannel0"
    correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
    destination = ""
    extendedData = (null)
    faultCode = "Channel.Security.Error"
    faultDetail = "Destination: DefaultHTTP"
    faultString = "Security error accessing url"
    headers = (Object)#1
      DSStatusCode = 0
    messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
    rootCause = (flash.events::SecurityErrorEvent)#2
      bubbles = false
      cancelable = false
      currentTarget = (flash.net::URLLoader)#3
        bytesLoaded = 0
        bytesTotal = 0
        data = (null)
        dataFormat = "text"
      eventPhase = 2
      target = (flash.net::URLLoader)#3
      text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
      type = "securityError"
    timestamp = 0
    timeToLive = 0
  *NOTE: I obfuscated parts of the url for security reasons
  I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)
  I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...
  Is this a bug or am I missing something new in the Gumbo ?
  Again: my swf file is in a folder in the webroot on my ISP
  also inside that folder is another folder with an XML file in it
  I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)
  changing the url to an absolute makes no difference...
  thanks in advance for any help

  Sure...
  here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:
  private var loader : URLLoader = new URLLoader();
  private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated
  protected function Application_creationComplete():void
      // This works...
      loader.addEventListener( Event.COMPLETE, parseContent );
      loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );
      // This does not...
      /* contentService.addEventListener( ResultEvent.RESULT, parseContent );
          contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
      try
          loader.load( req );
      catch (err:Error)
          Alert.show("In Try Catch Error Block: " + err.message);
          currentState='home';
  the HTTPService was set up like this: (again, i obfuscate the URLs for security)
      <fx:Declarations>
          <s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>
  the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.
  hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs)

• Error #2048 (Sandbox Violation) in AIR prevents future hostname resolution

  Scenario:
  Create an application which tries opening 100 socket connections. This in turn triggers an Error #2031(Socket Error) on a few of them, I believe this is a limitation in Flash? or something similar? After a few seconds, those same socket connections will trigger an Error #2048 (Security Sandbox Violation).
  If the hostname which you used to connect to the sockets is a name (ex: "localhost") it will prevent any new connections from opening at all and will trigger an Error #2048 on all those future connections even though they are completely unrelated to the first.
  If the hostname which you use is an IP Address ("127.0.0.1") those individual connections will have failed but no future interaction will be affected.
  Problem:
  1) Why is an AIR application triggering a security sandbox error at all?
  2) Why is this error locking up hostname resolution?
  3) Is this in fact a hostname resolution problem since there are no issues when using an IP address?
  3a) In my testing it appears that once the Error #2048 "locks" resolution, it can be "unlocked" by using an IP Address on any socket (any successful socket connection really) which will restore the name resolution capability. Or so it seems.
  Any help would be greatly appreciated. Until I nailed down the specific cases where this was happening the errors appeared very byzantine.
  It is not only the Error #2031 from too many connections that triggers the Error #2048. The main problem is that Error #2048 is triggered by unspecified socket errors (unexpected close for example) and hence locks up future connections.
  The reason this is such a problem is that I'm creating an application specifically for the purpose of monitoring a custom server so errors do happen, and if future requests cannot complete a connection due to name lookup failure it can cause a huge problem for monitoring validity.

  Any help with this would be greatly appreciated.

• Error #2048: Security sandbox violation: Urgent Checked the forum none of the solutions worked

  Hi all,
      I am new to flex . I am trying to connect to my localhost using the XMLSocket like below
      var xmlsock:XMLSocket = new XMLSocket(); // Line #187
      xmlsock.connect(127.0.0.1, 8080);
      xmlsock.send(xml);
    But after a Minute I get this below error
    Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: app:/main.swf cannot load data from 127.0.0.1:8080.
      at main/handleLogin()[C:\Documents and Settings\Vulcantech\My Documents\Flex Builder 3\src\main.mxml:187]
      at flash.events::EventDispatcher/dispatchEventFunction()
      at flash.events::EventDispatcher/dispatchEvent()
      at mx.rpc.http.mxml::HTTPService/http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[C:\autobuild\3.2.0\framewor ks\projects\rpc\src\mx\rpc\http\mxml\HTTPService.as:290]
      at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal::resultHandler()[C:\autobuild\3.2.0\frameworks\ projects\rpc\src\mx\rpc\AbstractInvoker.as:193]
      at mx.rpc::Responder/result()[C:\autobuild\3.2.0\frameworks\projects\rpc\src\mx\rpc\Responde r.as:43]
      at mx.rpc::AsyncRequest/acknowledge()[C:\autobuild\3.2.0\frameworks\projects\rpc\src\mx\rpc\ AsyncRequest.as:74]
      at DirectHTTPMessageResponder/completeHandler()[C:\autobuild\3.2.0\frameworks\projects\rpc\s rc\mx\messaging\channels\DirectHTTPChannel.as:403]
      at flash.events::EventDispatcher/dispatchEventFunction()
      at flash.events::EventDispatcher/dispatchEvent()
      at flash.net::URLLoader/onComplete()
  Thanks in advance
  Balaji

  Hi Alex,
     Thanks for the Link . I saw the link and have done the same steps as said in that . I have created a crossdomain.xml file in my 127.0.0.1 and i can also see that the policy being accepted in the  "C:\Documents and Settings\username\Application Data\Macromedia\Flash Player\Logs" . I have pasted the lines in policyfiles.txt below.
      OK: Root-level SWF loaded: app:/main.swf
      OK: Policy file accepted: http://127.0.0.1/crossdomain.xml
     But I still get that sandbox violation error. I have tried the below solutions and none of them worked
         1) security.allowDomain("*");
         2) crossdomain xml in the webroot of the accessing server like below
                      <?xml version="1.0"?>
                       <!DOCTYPE cross-domain-policy SYSTEM “http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd”> 
                       <cross-domain-policy>
                          <site-control permitted-cross-domain-
  policies="all" />
                           <allow-access-from domain="*" to-ports="*" />
                     </cross-domain-policy>
         3) I saw that adding the Application path in the  "C:\Documents and Settings\username\Application Data\Flash Player\#Security\FlashPlayerTrust\flexbuilder.cfg" will remove the sandbox violation but this also didnt work        
         4)  "Project - Properties - Flex Compiler - Additional compiler arguments:" add   -use-network=true  and then recompile and post to server
         5) I have also checked the policy file logs
  Thanks in advance
  Balaji

• Publishing my flex application in external server (Channel.Security.Error error Error #2048)

  when i publish my flex application in an external server i get that error if my flash builder beta 2 is closed in my system , i did configure an endpoint to the dataservice to point to the external server and if i run my flash builder and any body browser the site it open and they can access the data from my application but if i close my flash builder we have this error all of us
  Send failed
  Channel.Security.Error error Error #2048: Security sandbox violation:
  http://www.dcecrak.com/Maine.swf cannot load data from
  http://localhost:37813/flex2gateway/?hostport=www.dcecrak.com&https=N&id=-1. url:
  'http://www.dcecrak.com/flex2gateway/'
  i created a crossdomain.xml file and put it in the web root , if i try to open the link http://www.dcecrak.com/flex2gateway  it open with blank page this means that every thing is oky , my service-config file looks like that :
  <?xml version="1.0" encoding="UTF-8"?>
  <services-config>
      <services>
          <service-include file-path="remoting-config.xml" />
          <service-include file-path="proxy-config.xml" />
          <service-include file-path="messaging-config.xml" />
      </services>
      <security>
          <login-command class="flex.messaging.security.JRunLoginCommand" server="JRun"/>
          <!-- Uncomment the correct app server
          <login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/>
          <login-command class="flex.messaging.security.WeblogicLoginCommand" server="Weblogic"/>
          <login-command class="flex.messaging.security.WebSphereLoginCommand" server="WebSphere"/>
          -->
          <!--
          <security-constraint id="basic-read-access">
              <auth-method>Basic</auth-method>
              <roles>
                  <role>guests</role>
                  <role>accountants</role>
                  <role>employees</role>
                  <role>managers</role>
              </roles>
          </security-constraint>
          -->
      </security>
      <channels>
          <!--  CF Based Endpoints -->
  <channel-definition id="dcecrak" class="mx.messaging.channels.AMFChannel">
              <endpoint uri="http://www.dcecrak.com/flex2gateway/" class="coldfusion.flash.messaging.CFAMFEndPoint"/>
              <properties>
                    <add-no-cache-headers>false</add-no-cache-headers>
                          <polling-interval-seconds>8</polling-interval-seconds>
                          <serialization>
                                <enable-small-messages>false</enable-small-messages>
                          </serialization>
                          <coldfusion>
                              <!-- define the resolution rules and access level of the cfc being invoked -->
                                <access>
                                      <!-- Use the ColdFusion mappings to find CFCs-->
                                      <use-mappings>true</use-mappings>
                                      <!-- allow "public and remote" or just "remote" methods to be invoked -->
                                      <method-access-level>remote</method-access-level>
                                </access>
                                <!-- Whether the Value Object CFC has getters and setters. Set the value of use-accessors to true if there are getters and setters in the Value Object CFC. -->
                                <use-accessors>true</use-accessors>
                                <!--Set the value of use-structs to true if you don't require any translation of ActionScript to CFCs. The assembler can still return structures to Flex, even if the value is false. The default value is false.-->
                                <use-structs>false</use-structs>
                      <property-case>
                          <!-- cfc property names -->
                          <force-cfc-lowercase>false</force-cfc-lowercase>
                          <!-- Query column names -->
                          <force-query-lowercase>false</force-query-lowercase>
                          <!-- struct keys -->
                          <force-struct-lowercase>false</force-struct-lowercase>
                      </property-case>
                          </coldfusion>
              </properties>
          </channel-definition>
          <channel-definition id="cf-polling-amf" class="mx.messaging.channels.AMFChannel">
              <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/cfamfpolling" class="coldfusion.flash.messaging.CFAMFEndPoint"/>
              <properties>
                  <polling-enabled>true</polling-enabled>
                  <polling-interval-seconds>8</polling-interval-seconds>
                          <serialization>
                                <enable-small-messages>false</enable-small-messages>
                          </serialization>
                          <coldfusion>
                              <!-- define the resolution rules and access level of the cfc being invoked -->
                                <access>
                                      <!-- Use the ColdFusion mappings to find CFCs-->
                                      <use-mappings>true</use-mappings>
                                      <!-- allow "public and remote" or just "remote" methods to be invoked -->
                                      <method-access-level>remote</method-access-level>
                                </access>
                                <!-- Whether the Value Object CFC has getters and setters. Set the value of use-accessors to true if there are getters and setters in the Value Object CFC. -->
                                <use-accessors>true</use-accessors>
                                <!--Set the value of use-structs to true if you don't require any translation of ActionScript to CFCs. The assembler can still return structures to Flex, even if the value is false. The default value is false.-->
                                <use-structs>false</use-structs>
                      <property-case>
                          <!-- cfc property names -->
                          <force-cfc-lowercase>false</force-cfc-lowercase>
                          <!-- Query column names -->
                          <force-query-lowercase>false</force-query-lowercase>
                          <!-- struct keys -->
                          <force-struct-lowercase>false</force-struct-lowercase>
                      </property-case>
                          </coldfusion>
              </properties>
          </channel-definition>
          <channel-definition id="my-cfamf-secure" class="mx.messaging.channels.SecureAMFChannel">
              <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/cfamfsecure" class="coldfusion.flash.messaging.SecureCFAMFEndPoint"/>
              <properties>
                  <polling-enabled>false</polling-enabled>
                          <add-no-cache-headers>false</add-no-cache-headers>
                          <serialization>
                                <enable-small-messages>false</enable-small-messages>
                          </serialization>
                          <coldfusion>
                              <!-- define the resolution rules and access level of the cfc being invoked -->
                                <access>
                                      <!-- Use the ColdFusion mappings to find CFCs-->
                                      <use-mappings>true</use-mappings>
                                      <!-- allow "public and remote" or just "remote" methods to be invoked -->
                                      <method-access-level>remote</method-access-level>
                                </access>
                                <!-- Whether the Value Object CFC has getters and setters. Set the value of use-accessors to true if there are getters and setters in the Value Object CFC. -->
                                <use-accessors>true</use-accessors>
                                <!--Set the value of use-structs to true if you don't require any translation of ActionScript to CFCs. The assembler can still return structures to Flex, even if the value is false. The default value is false.-->
                                <use-structs>false</use-structs>
                                <property-case>
                          <!-- cfc property names -->
                          <force-cfc-lowercase>false</force-cfc-lowercase>
                          <!-- Query column names -->
                          <force-query-lowercase>false</force-query-lowercase>
                          <!-- struct keys -->
                          <force-struct-lowercase>false</force-struct-lowercase>
                      </property-case>
                          </coldfusion>
              </properties>
          </channel-definition>
          <!--  Java Based Endpoints -->
          <channel-definition id="java-amf" class="mx.messaging.channels.AMFChannel">
              <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
          </channel-definition>
          <channel-definition id="java-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
              <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
          </channel-definition>
          <channel-definition id="java-polling-amf" class="mx.messaging.channels.AMFChannel">
              <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/amfpolling" class="flex.messaging.endpoints.AMFEndpoint"/>
              <properties>
                  <polling-enabled>true</polling-enabled>
                  <polling-interval-seconds>8</polling-interval-seconds>
              </properties>
          </channel-definition>
          <!--
          <channel-definition id="java-http" class="mx.messaging.channels.HTTPChannel">
              <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/http" class="flex.messaging.endpoints.HTTPEndpoint"/>
          </channel-definition>
          <channel-definition id="java-secure-http" class="mx.messaging.channels.SecureHTTPChannel">
              <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/httpsecure" class="flex.messaging.endpoints.SecureHTTPEndpoint"/>
          </channel-definition>
          -->
      </channels>
      <logging>
          <target class="flex.messaging.log.ConsoleTarget" level="Error">
              <properties>
                  <prefix>[BlazeDS] </prefix>
                  <includeDate>false</includeDate>
                  <includeTime>false</includeTime>
                  <includeLevel>false</includeLevel>
                  <includeCategory>false</includeCategory>
              </properties>
              <filters>
                  <pattern>Endpoint.*</pattern>
                  <pattern>Service.*</pattern>
                  <pattern>Configuration</pattern>
                  <pattern>Message.*</pattern>
              </filters>
          </target>
      </logging>
      <system>
          <manageable>false</manageable>
          <!--
          <redeploy>
              <enabled>true</enabled>
              <watch-interval>20</watch-interval>
              <watch-file>{context.root}/WEB-INF/flex/services-config.xml</watch-file>
              <watch-file>{context.root}/WEB-INF/flex/proxy-config.xml</watch-file>
              <watch-file>{context.root}/WEB-INF/flex/remoting-config.xml</watch-file>
              <watch-file>{context.root}/WEB-INF/flex/messaging-config.xml</watch-file>
              <watch-file>{context.root}/WEB-INF/flex/data-management-config.xml</watch-file>
              <touch-file>{context.root}/WEB-INF/web.xml</touch-file>
          </redeploy>
           -->
      </system>
  </services-config>
  and my crossdomain.xml looks like that :
  <cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="localhost" to-ports="*" secure="false"/>
  <allow-access-from domain="*" to-ports="*" secure="false"/>
  <allow-http-request-headers-from domain="*"/>
  </cross-domain-policy>
  really its strange only the site works if my flash builder is running , please help

    Thanks all for your attention, i have solved my problem and i think its a bug in the flash builder , the problem was that when you compile the application and you enabling Network Monitoring , the communication of the AMF channels done throw the  http://localhost:37813/flex2gateway/
  and that was the problem if you close the flash builder on your system that getaway dose not exist and on the hosted server there is no such address localhost by this port also so the client application witch is catch in you system try to access your localhost and that cause a security error and the address is also not exist .
  so the solution or we have to compile the project after we disable the Network Monitoring in flash builder .

• Dreaded Error #2048

  Problem: I have created a SWF file with Engage 2008 that runs fine when launched on the hosting web server, but it gives an Error #2048 when opened in a web browser from a client machine on the same domain.
  Below is the crossdomain.xml file that I have placed in both the web site's home directory and the web server's root directory (C:\).
  <?xml version="1.0"?>
  <cross-domain-policy>
    <allow-access-from domain="*" secure="false" />
  </cross-domain-policy>
  On the web server:
  - The .htm and .swf and crossdomain.xml files are located in the C:\Websites\Dashboards directory. A share has been created <servername>\Websites that points to C:\Websites.  Everyone has read access.
  - The .xls file from which the .swf file pulls its data is located in the C:\Dashboards directory. A share ahs been created <servername>\Dashboards that points to C:\Dashboards.  Everyone has read access.
  On the client machines:
  - I have tried both Flash versions 9.0.124 and 10.0.12.36.
  - In the Adobe Flash Player Security Settings console, I have given "Always Allow" permissions to the following:
  <servername>\Websites
  <servername>\Dashboards
  <servername>\c$\Websites
  <servername>\c$\Dashboards
  <servername>\c$
  <servername>\c$\Websites\Dashboards\<filename>.swf
  <servername>\Websites\Dashboards\<filename>.swf
  If I copy the .swf file locally to one of the client machines and set the Adobe security to "Always Allow" the file, it works fine.  So I'm confident it's a security issue; I'm just lost as to what I'm missing.  Suggestions?

  I'm just going to keep rambling here until I figure this out.  
  I installed the debugger version of Flash, and it ellaborates on the error as
  "Error #2048: Security sandbox violation: http://<servername>/<Flash file>.swf cannot load data from file://<servername>/Dashboards/<XML data file>.xml"
  It seems odd to me that the flash file can access the XML data as long as it bypasses IIS (by my launching the .htm file directly).  I'll try moving all of my files into the same directory to see if that makes any difference.

• SecurityError: Error #2048 when using special characters in request url

  Hi all,
  I'm facing a really strange problem with requesting address data from a in-house developed address webservice that can be accessed using a HTTPS connection.
  The problem is that I get the following error when a request has been made with special characters in the url:
  SecurityError: Error #2048: Security sandbox violation: http://www.foo.com/myapp.swf cannot load data from
  https://www.bar.com/myservice.svc/Aleja Legionów ul., BYTOM.
  The url is encoded using encodeURIComponent. Fiddler show's a correctly encoded url:
  https://www.bar.com/myservice.svc/address/Aleja%20Legion%C3%B3w%20ul.%2C%20BYTOM
  The server send a normal response back.
  The weird thing is that this only happens on FireFox with special characters in the url. With normal characters, it works fine.
  On IE everything works fine..
  crossdomain.xml of the www.foo.com:
  <cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-http-request-headers-from domain="*" headers="*" secure="false"/>
  <allow-access-from domain="*" headers="*" secure="false"/>
  </cross-domain-policy>
  Any help is appreciated.
  Best regards,
  Sjoerd Brandsma

  You could try downloading the Oracle 8.1.7 client and the latest
  Oracle8 ODBC driver, install them on your machine, and verify
  that the failure goes away. That's obviously the acid test.
  I can tell you that when I worked in the ODBC driver group we
  did identify and fix some bugs where our parser wasn't skipping
  string literals. If this particular bug wasn't fixed earlier,
  it almost certainly was then (I'm guessing that work was done 12-
  18 months ago).
  Justin

• ActionScript 3 Error #2044 & Error #2048

  How do I stop this error from happening? When I use the same
  source code in a WindowedApplication rather than an Application,
  (which is where I get this error), I do not get the error (with an
  AIR app).
  Error #2044: Unhandled securityError:. text=Error #2048:
  Security sandbox violation:
  http://MYURL.com/nMuseum.swf
  cannot load data from
  http://www.MYURL.com/index.xml.
  at nMuseum/loadMyXML()
  at nMuseum/collectionSelect()
  at nMuseum/__tree_itemClick()
  at flash.events::EventDispatcher/dispatchEventFunction()
  at flash.events::EventDispatcher/dispatchEvent()
  at mx.core::UIComponent/dispatchEvent()
  at mx.controls.listClasses::ListBase/mouseClickHandler()
  at mx.controls::Tree/mouseClickHandler()

  You might need a crossdomain.xml file on the server you
  access the XML file from, if this server is not the same as the one
  the SWF is served from.
  Something like:
  <?xml version="1.0"?>
  <cross-domain-policy>
  <allow-access-from domain="hostname.domainname.com" />
  </cross-domain-policy>
  Or:
  <?xml version="1.0"?>
  <cross-domain-policy>
  <allow-access-from domain="*" />
  </cross-domain-policy>

• Sandbox error only when loading URL containing directory with purely numeric name.

  This error only occurs under very strange circumstances.  We have several clients whose domain names begin with a sequence of digits (e.g. 401blah.com).  We have file paths under another server employing directory names derived from these domain names. (e.g. /4/401/...).  We employ the same scheme for all domain names, so fooblah.com would utilize directory /f/fooblah/...
  Our swf file is embedded in an HTML page which is served up from 401blah.com (name is an example).  It attempts to load images from another server (e.g. pictures.foo.com//4/401/...).  The pictures.foo.com site has a crossdomain.xml file that permits all domains to access its contents.  When the swf at fooblah.com tries to load an image at pictures.foo.com//f/fooblah/... it does so without a hitch.  However, when the same swf hosted in an identical page at 401blah.com attempts to access an image at pictures.foo.com//4/401/... it fails with the following error:
  Error #2048: Security sandbox violation: http://401blah.com/v8/widgets/generic/image/semantic-slideshow.swf cannot load data from http:/pictures.foo.com/4/401blah/0288/2015daea4046387201f6d2e38e0c1ac6.jpg
  Now, I'm using fake names for the domain here in order to obfuscate the customer, but if I substitute in the correct customer name, the URL http:/pictures.foo.com/4/401blah/0288/2015daea4046387201f6d2e38e0c1ac6.jpg does, in fact, access the correct image.
  When we use non numeric directory names everything works without a hitch.  When we use numeric directory names, despite all info being in its proper place and a proper crossdomain.xm, loading the images in fails.
  In fact, according to our net-trace, when we use numeric directory names, pictures.foo.com (fake domain name substituted in for real domain name), flash doesn't even try to look at its crossdomain.xml file (while it does try, and succeeds at doing so, when non numeric directory names are used).
  It looks like Flash is doing some kind of test on the URL and making an incorrect determination on it.  Any help on this that does not involve changing our directory scheme would be appreciated.  I have read all of the relevent documentation and our crossdomain.xml file is set up correctly, so please focus on the behavior visa vi strange treatment of numeric directory names in the URL.

  try to write your php code with notepad.
  There could be invisible characters when using Dreamweaver or similar softwares.

• Error message "Error #2048" occurred while refreshing

  Hi Expert,
  When view the Xcelsius report in Mozilla Firefox and press the refresh button, an error message "Error #2048" occurred. But it works fine in IE.
  #2048:  Security sandbox violation: _ cannot load data from _.
  Though I had added the crossdomain.xml into my Tomcat server, but error appeared again. Here is the detail of crossdomain.xml as below:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
     <allow-http-request-headers-from domain="" headers="" secure="false" />
     <allow-access-from domain="*" secure="false" />
  </cross-domain-policy>
  Best Regards,
  Simon Shen
  Edited by: Simon Shen on Jun 16, 2008 9:52 AM

  I'm assuming your crossdomain.xml file look like:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
     <allow-http-request-headers-from domain="*" headers="*" secure="false" />
     <allow-access-from domain="*" secure="false" />
  </cross-domain-policy>
  and that it's the forum software that's stripped out the asterixes.
  Whenever I get #2048, I always ensure the correct crossdomain.xml is being retrieved by the web browser using a HTTP Analyzer/Debugger tool like [Charles|http://www.xk72.com/charles/].  Some (especially those running .NET and not Java on the client machine use [Fiddler|http://www.fiddlertool.com/fiddler/version.asp] but I haven't personally used that tool.
  Also, when testing, I make sure I flush the cache on the client browser, to ensure old files and references are removed.
  Sincerely,
  Ted Ueda

• Error #2044 & Error #2048

  Hello,
  I am running Flex 4 SDK and a beta of Flash Builder 4 on an Eclipse IDE. I have two files: one is a small flex program that establishes a XML Socket on the localhost, the other is a Java program that writes a simple string to the port that the flex program listens to. The purpose of this program is to get used to TCP with flex. Both programs run inside of the Eclipse IDE. However, when I run the program, I get the following error message:
  Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation
  I have searched quite a bit for a solution to this problem to no avail.  Any help would be greatly appreciated.
  Thank you.

  For what it's worth, I just put together something simple and it seems to work:
  Both are run from a common folder.  Note that (AFAIK) you can't create a socket server in Flash (only clients)...so the java socket server needs to be started first:
  Keep in mind that things won't work out of the box (due to security issues) - an easy way to get things up and running (sans crossdomain file returned from your socket server) is to ensure your app is running in the local-trusted sandbox.
  To do this you need to add the path (where your Client.swf resides) to a text file living in either your global "FlashPlayerTrust" folder or your user level FlashPlayerTrust folder.
  For example, on Mac I've added a file called 'trust' containing one line:
  file:///Users/clucier/apps/SocketTest/
  ... to my "global" FlashPlayerTrust folder located at: /Library/Application Support/Macromedia/FlashPlayerTrust.
  See http://livedocs.adobe.com/flex/3/html/help.html?content=security2_25.html
  Pardon the verbose post, attachments don't work too well for me lately so included src inline...
  SimpleServer.java:
  import java.io.*;
  import java.net.*;
  public class SimpleServer
          public static void main(String args[])
                  // Message terminator
                  char EOF = (char)0x00;
                  try
                          // create a serverSocket connection on port 9999
                          ServerSocket s = new ServerSocket(9999);
                          System.out.println("Server started. Waiting for connections...");
                          // wait for incoming connections
                          Socket incoming = s.accept();
                          BufferedReader data_in = new BufferedReader(
                                new InputStreamReader(incoming.getInputStream()));
                          PrintWriter data_out = new PrintWriter(incoming.getOutputStream());
                          data_out.println("Welcome! type EXIT to quit." + EOF);
                          data_out.flush();
                          boolean quit = false;
                          // Waits for the EXIT command
                          while (!quit)
                                  String msg = data_in.readLine();
                                  if (msg == null) quit = true;
                                  if (!msg.trim().equals("EXIT"))
                                          data_out.println("You sayed: <b>"+msg.trim()+"</b>"+EOF);
                                          data_out.flush();
                                  else
                                          quit = true;
                  catch (Exception e)
                          System.out.println("Connection lost");
  Client.mxml (Flex 4):
  <?xml version="1.0" encoding="utf-8"?>
  <Application xmlns:fx="http://ns.adobe.com/mxml/2009"
               xmlns="library://ns.adobe.com/flex/spark"
               xmlns:mx="library://ns.adobe.com/flex/halo"
               width="1024" height="768">
      <!-- Compiled FXG placed on the left -->
      <layout>
          <VerticalLayout/>
      </layout>
      <fx:Script>
          <![CDATA[
              import flash.net.XMLSocket;
              import flash.events.*;
              private var hostName:String = "localhost";
              private var port:uint = 9999;
              private var socket:XMLSocket;
              public function connect():void {
                  socket = new XMLSocket();
                  configureListeners(socket);
                  socket.connect(hostName, port);
              public function send(data:Object):void {
                  socket.send(data);
              private function configureListeners(dispatcher:IEventDispatcher):void {
                  dispatcher.addEventListener(Event.CLOSE, closeHandler);
                  dispatcher.addEventListener(Event.CONNECT, connectHandler);
                  dispatcher.addEventListener(DataEvent.DATA, dataHandler);
                  dispatcher.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
                  dispatcher.addEventListener(ProgressEvent.PROGRESS, progressHandler);
                  dispatcher.addEventListener(SecurityErrorEvent.SECURITY_ERROR, securityErrorHandler);
              private function closeHandler(event:Event):void {
                  ta.text += String("closeHandler: " + event);
              private function connectHandler(event:Event):void {
                  ta.text += String("connectHandler: " + event);
              private function dataHandler(event:DataEvent):void {
                  ta.text += String("dataHandler: " + event);
              private function ioErrorHandler(event:IOErrorEvent):void {
                  ta.text += String("ioErrorHandler: " + event);
              private function progressHandler(event:ProgressEvent):void {
                  ta.text += String("progressHandler loaded:" +
                              event.bytesLoaded + " total: " + event.bytesTotal);
              private function securityErrorHandler(event:SecurityErrorEvent):void {
                  ta.text += String("securityErrorHandler: " + event);
          ]]>
      </fx:Script>
      <Button label="connect" click="connect()"/>
      <TextArea id="ta" width="300" height="200"/>
  </Application>

• Cross domain scripting: error #2048

  Hi,
  This is my first entry in this forum but I already found a lot of answers by browsing it. However, altough many references seem to solve the problem I'm hurting on, it doesn't seem to work for me...
  Now, here's the case:
  I made a flash web site that will be hosted on an external web server (let's call it server «www.external.com»).
  My flash needs to get some info from my internal server (let's call it «www.internal.com»).
  On «www.internal.com», I don't have access to the root, only to the folder «myfolder» so my website reads like this: «www.internal.com/myfolder».
  Being aware of some sandbox security issues, I made a crossdomain.xml file and uploaded it to «www.internal.com/myfolder/crossdomain.xml» to provide acces to «www.internal.com/myfolder» from «www.external.com» wich is the following:
  <?xml version="1.0"?>
  <cross-domain-policy>
       <allow-access-from domain="www.external.com" />
       <allow-http-request-headers-from domain="www.external.com" headers="*"/>
  </cross-domain-policy>
  In my flash, there is the code i use to retrieve my info:
  Security.loadPolicyFile("http://www.internal.com/myfolder/crossdomain.xml");
  var myData:URLRequest = new URLRequest("http://www.internal.com/myfolder/myapp/datarequest.cfm");
  var loader:URLLoader = new URLLoader();
  loader.load(myData);
  That's where I get the raging error #2048 in an error #2044 telling me this (excuse the french, my player and I use this language):
  Error #2044: securityError non pris en charge : text=Error #2048: Violation de la sécurité Sandbox : http://www.external.com/flashapp.swf ne peut pas charger de données à partir de http://www.internal.com/myfolder/myapp/datarequest.cfm.
  According to what I saw and read, loading a policy file should allow me to access info. Once I read that the crossdomain.xml file absolutely had to be on the root of the web server, unfortunately, I don't have access to the root.
  There surely is something wrong with what I am doing, anyone has a thought?
  Thanks in advance and sorry for the long message...

  just a guess here - it looks mainly as though you are on the right track, and you are correct if you so not have access to the root, then you must target the crossdomain.xml location as you have specified.
  the one thing i don't see that you have listed here is a call to:
  Security.allowDomain("www.external.com");
  which *might* be the issue

• I keep getting an error 2048 everytime I try to play back my Maya file that I saved as a qt movie. I just recently updated qt and this is when the errors would pop up. Before the update I had no problems. How can I fix this?

  I updated quicktime a few days ago and now I keep getting error 2048 whenever i try to play back my Maya file after saving it as a qt movie. I had no issues with this before I did the update, after the update I keep getting the error 2048 message. QT will play my earlier Maya movies and other video, it just won't play back my latest work. Help me please, I need this for school.

  The 2048 error message usually suggests the files use MPEG-2 format which is not supported natively on Windows via QuickTime without the additional MPEG-2 Playback Component ($20 from Apple).

• Error - 2048 not a valid movie file

  hello,
  I'm a NAPP member and had been following the photoshop TV casts on QT....however, now I get the error message 'error - 2048 not a valid movie file'...its an mpeg4 QT file, but I get the message whenever I attempt to play the downloaded file...or when I try to just watch the stream, it won't open the URL...these are the only movies that I'm having this problem with...as I can watch other movies from other sites w/o incident...NAPP hasn't replied to my inquiries except that they don't support the TV shows.
  Any ideas?...would be appreciated...
  Thanks...
  G5 - dual 1.8 ghz - 2ghz ram   Mac OS X (10.3.7)   Dell Inspiron Core Duo notebook w/ XP home

  T S
  Thank you very much for the link to videolan.org. I was having the same problem playing downloaded Photoshop TV videos. I tried MPlayer which worked but was not comprehensible. I had never heard of videolan, but it works like a charm.
  Thanks again.
  17 PowerBook, 1.33 Ghz   Mac OS X (10.4.6)   2 GB Ram, iWeb 1.1.1

• Error 2048 not a movie file

  QT 7 pro was working fine at first.Now when I try to play a video file I get "error 2048 not a movie file. The file plays fine in another player. Also QT will play a QT movie but not a file. I have QT installed on two computers with the exact same problem on both. please help.

  Yes the format of the files is windows media video files. They play successfully on real player and on VLC media player.
  They were also playing on itunes,but now they won't play on QT or itunes. By play a movie I mean the movie was downloaded as a QT movie. The desktop icon says QTmovie. The files That give the 2048 error have real player on the desktop icon.I have uninstalled and reinstalled, even disabling norton before reinstalling still error 2048 on QT. P.S. Itunes and QT were downloaded as a bundle, whatever the problem is is affecting itunes because now when i add files to library they don't show up.