Sandbox violation when accessing sockets

Similar Messages

• *** Security Sandbox Violation *** when calling a You Tube video

  Hi,
  I get an error when I run my SWF, it says
  *** Security Sandbox Violation ***
  SecurityDomain 'http://s.ytimg.com/yt/swfbin/apiplayer3-vflS6GT64.swf' tried to access incompatible context 'file:///C|/Users/mww/web/crafty%20copy/10%2D11.swf'
  My code is
  // start of code
  Security.allowDomain("www.youtube.com");
  var my_playerbject;
  var my_loader:Loader = new Loader();
  my_loader.load(new URLRequest("http://www.youtube.com/apiplayer?version=3"));
  my_loader.contentLoaderInfo.addEventListener(Event .INIT, onLoaderInit);
  function onLoaderInit(e:Event):void{
  movArticles.movArticle2.videoPlayerHolder.videoMov 2.addChild(my_loader);
  my_player = my_loader.content;
  my_player.addEventListener("onReady", onPlayerReady);
  function onPlayerReady(e:Event):void{
  my_player.setSize(640,360);
  my_player.cueVideoById("CtOj8kpLIlI",0);
  // end of code
  Any help would be much apreciated, Thanks

  I tried adding those, as well as these :
  Security.allowDomain("www.youtube.com");
  Security.allowDomain("s.ytimg.com");
  Security.allowDomain("s2.ytimg.com");
  Security.allowDomain("*.youtube.com");
  Security.allowDomain("*.ytimg.com");
  Security.allowDomain("com.google.utils.SafeLoader");
  Security.allowDomain("http://s.ytimg.com");
  Security.allowDomain("http://www.youtube.com/apiplayer?version=3");
  Security.allowDomain("o-o.preferred.lhr14s07.v15.lscache6.c.youtube.com");
  Security.allowDomain("i1.ytimg.com");
  Security.allowDomain("i2.ytimg.com");
  Security.allowDomain("i3.ytimg.com");
  Security.allowDomain("i4.ytimg.com");
  Security.allowDomain("http://www.youtube.com");
  Security.allowDomain("googleads.g.doubleclick.net");
  Security.allowDomain("gdata.youtube.com");
  Security.allowDomain("http://s0.2mdn.net");
  Security.allowDomain("http://pagead2.googlesyndication.com");
  Security.loadPolicyFile("http://www.youtube.com/crossdomain.xml");
  Security.loadPolicyFile("http://s2.youtube.com/crossdomain.xml");
  Security.loadPolicyFile("www.youtube.com");
  Security.loadPolicyFile("http://www.youtube.com");
  Security.loadPolicyFile("s.ytimg.com");
  Security.loadPolicyFile("http://s.ytimg.com");
  Security.loadPolicyFile("s2.ytimg.com");
  Security.loadPolicyFile("i1.ytimg.com");
  Security.loadPolicyFile("i2.ytimg.com");
  Security.loadPolicyFile("i3.ytimg.com");
  Security.loadPolicyFile("googleads.g.doubleclick.net");
  Security.loadPolicyFile("gdata.youtube.com");
  Security.allowInsecureDomain("www.youtube.com");
  Security.allowInsecureDomain("http://www.youtube.com");
  Security.allowInsecureDomain("*.youtube.com");
  Security.allowInsecureDomain("s.ytimg.com");
  Security.allowInsecureDomain("http://s.ytimg.com");
  Security.allowInsecureDomain("s2.ytimg.com");
  Security.allowInsecureDomain("*.ytimg.com");
  Security.allowInsecureDomain("i1.ytimg.com");
  Security.allowInsecureDomain("i2.ytimg.com");
  Security.allowInsecureDomain("i3.ytimg.com");
  Security.allowInsecureDomain("googleads.g.doubleclick.net");
  Security.allowInsecureDomain("gdata.youtube.com")
  YouTube's own ActionScript player example gives the same warnings. I think it might be something to do with the way the API is loaded, because instead of using a Loader & URLRequest I use:
  <s:SWFLoader id="swfload" source="http://www.youtube.com/apiplayer?version=3"/>
  Then in ActionScript:
  protected var player:Object;
  player=swfload.content;
  Then access the API like this:
  player.setPlaybackQuality(q);
  Every attempt I made to use a Loader resulted in an error when accessing the API: "Access of undefined property setPlaybackQuality", but when loaded into an Object like YouTube's own example, Flex does not check for these functions before compiling and accesses them after they have loaded. I tried finding out about bridges among other things, but even the YouTube forums cannot answer this one and it is a common problem.
              Security.allowDomain("www.youtube.com");
              Security.allowDomain("s.ytimg.com");
              Security.allowDomain("s2.ytimg.com");
              Security.allowDomain("*.youtube.com");
              Security.allowDomain("*.ytimg.com");
              Security.allowDomain("com.google.utils.SafeLoader");
              Security.allowDomain("http://s.ytimg.com");
              Security.allowDomain("http://www.youtube.com/apiplayer?version=3");
              Security.allowDomain("o-o.preferred.lhr14s07.v15.lscache6.c.youtube.com");
              Security.allowDomain("i1.ytimg.com");
              Security.allowDomain("i2.ytimg.com");
              Security.allowDomain("i3.ytimg.com");
              Security.allowDomain("i4.ytimg.com");
              Security.allowDomain("http://www.youtube.com");
              Security.allowDomain("googleads.g.doubleclick.net");
              Security.allowDomain("gdata.youtube.com");
              Security.allowDomain("http://s0.2mdn.net");
              Security.allowDomain("http://pagead2.googlesyndication.com");
              Security.loadPolicyFile("http://www.youtube.com/crossdomain.xml");
              Security.loadPolicyFile("http://s2.youtube.com/crossdomain.xml");
              Security.loadPolicyFile("www.youtube.com");
              Security.loadPolicyFile("http://www.youtube.com");
              Security.loadPolicyFile("s.ytimg.com");
              Security.loadPolicyFile("http://s.ytimg.com");
              Security.loadPolicyFile("s2.ytimg.com");
              Security.loadPolicyFile("i1.ytimg.com");
              Security.loadPolicyFile("i2.ytimg.com");
              Security.loadPolicyFile("i3.ytimg.com");
              Security.loadPolicyFile("googleads.g.doubleclick.net");
              Security.loadPolicyFile("gdata.youtube.com");
              Security.allowInsecureDomain("www.youtube.com");
              Security.allowInsecureDomain("http://www.youtube.com");
              Security.allowInsecureDomain("*.youtube.com");
              Security.allowInsecureDomain("s.ytimg.com");
              Security.allowInsecureDomain("http://s.ytimg.com");
              Security.allowInsecureDomain("s2.ytimg.com");
              Security.allowInsecureDomain("*.ytimg.com");
              Security.allowInsecureDomain("i1.ytimg.com");
              Security.allowInsecureDomain("i2.ytimg.com");
              Security.allowInsecureDomain("i3.ytimg.com");
              Security.allowInsecureDomain("googleads.g.doubleclick.net");
              Security.allowInsecureDomain("gdata.youtube.com")

• Security Sandbox Violation when trying to open new window

  Hi guys
  I have a flash button that I would like to open a new window
  of a specific size when clicked. I found some code on a thread at
  flashkit and tried that out, but when testing in flash I get the
  following message:
  *** Security Sandbox Violation ***
  Connection to javascriptopenNewWindow('
  http://www.designlogic.com.ph/assets/Web_pages/tropicanacomp.gif','height=500,width=500,to p=10,left=100,toolba
  r=no,scrollbars=yes') halted - not permitted from
  file:///C|/Users/James/Graphics/Websites/Design%20Logic/Raw%5FImages/Flash/flashbuttons/G allery%20icons/webPagesIcons/Tropicana1.swf
  Here is the code I inserted into the actionscript:
  on (release) {
  getURL("javascriptopenNewWindow('
  http://www.designlogic.com.ph/assets/Web_pages/tropicanacomp.gif','height=500,width=500,to p=10,left=100,toolba
  r=no,scrollbars=yes') ");
  I also tried steamrolling ahead and testing it from
  dreamweaver after inserting the flash onto my page, but it doesn't
  fucntion. No surprises there.
  Would really appreciate it if someone could help me out with
  this.

  Oh its AS 2.0 by the way :)

• Security Sandbox Violation when calling a remote service from a worker

  From my application, I make calls to a BlazeDS server, that works fine.
  I added a worker that calls the same services on the same server. But then, only for the calls from the worker, I have a Security Sandbox Violation error. I launch the application from FB in debug mode.
  This is the message :
  Error: [strict] Ignoring policy file at http://xxxxxxxxxxxx/crossdomain.xml due to incorrect syntax.  See http://www.adobe.com/go/strict_policy_files to fix this problem.
  *** Security Sandbox Violation ***
  Connection to http://xxxxxxxxxxxxxx/appstore-admin/messagebroker/amfpolling halted - not permitted from file:///D:/Projects/appstoreClientsNext/MultiAppstoreAdmin/bin-debug/MultiAppstoreAdmin.swf
  Error: Request for resource at http://xxxxxxxxxxxxx/appstore-admin/messagebroker/amfpolling by requestor from file:///D:/Projects/appstoreClientsNext/MultiAppstoreAdmin/bin-debug/MultiAppstoreAdmin.swf is denied due to lack of policy file permissions.
  What should I do to allow the worker to make remote calls ?

  I made some progress on this. There are two different cases :
  1) The service you want to access has a crossdomain.xml file
  All the workers can access the service without a problem.
  2) The service you want to access doesn't have a crossdomain.xml file
  Whether you launch from FB in debug mode or you put your application on the same server you are trying to access, only the primordial worker will access the service, the other workers will encounter a security error.
  I believe this is a bug. Shouldn't a worker have the same access privileges as the primordial worker ?

• Security sandbox violation when URL doesn't have 'www'

  I am loading an external swf file from the same domain into my main flash movie using an absolute path: "http://www.sitename.com/movie.swf". The problem is that when someone goes to the site without the 'www' in the address: "http://sitename.com" - the movie throws a sandbox error upon trying to load the 2nd movie.
  I have a crossdomain in place set to: <allow-access-from domain="*" secure="false"/>.
  I also have: Security.allowDomain("*"); in the document class of the main movie.
  I realize I could use a relative path to load the movie instead of the absolute path, but shouldn't the cross domain file and/or the allowDomain command take care of the security issues? Is there another workaround besides the relative path?
  Thanks,
  Amanda

  The crossdomain should work.  Check to make sure you have it set up properly.
  Another workaround is to use the LocalConnection class to grab the current domain.  We do this at my company, where we distribute files out to the local server of the branch.
  import flash.net.LocalConnection;
  var lc:LocalConnection = new LocalConnection();
  var myIP:String = lc.domain();
  var pathToLoad = "http://"+myIP+"/movie.swf";

• Flash CS5.5: Loading XML-file causes a "Security Sandbox Violation"

  Hi,
  after upgrading from CS3 to CS5.5, i get a "Security Sandbox Violation" when loading a XML-file. With CS3 everything was fine, but now my file is not working any more. The XML-file and my SWF-file are stored in the same directory and it nether work local nor on the webserver.
  I don't know the correct message in english, but flash tells me something like:
  "Security Sandbox Violation"
  access to file:[]data.xml disconnent - not allowed from file:[]myfile.swf
  Why am I not allowed to load an XML-file from the same directory/domain any more? And how can I get my data into my flash-File now?
  It doesn't seems to be a Flash-Player-Problem, because an older version with the same code still works. So the problem has to be located in Flash CS5.5
  Can anybody help me? Thanks a lot!
  Sonja

  Please ask such questions on the product specific forums. It is highly doubtful that anyone wil lsee it here.
  Mylenium

• Socket connections blocked... (sandbox violation)

  I'm having trouble with Flash Player 10, regarding opening of sockets. I have a socket server responding on port 843, my custom port and a web server hosting a crossdomain.xml file.
  The problem is that when I try to run with the debugger, it won't even attempt to make a connection.
  The policy log shows this:
  OK: Root-level SWF loaded: file:///xxxxx/Main.swf
  OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://xxxxx.com:53280 by requestor from file:///xxxxx/Main.swf
  Error: Failed to load policy file from xmlsocket://xxxxx.com:53280
  Error: Request for resource at xmlsocket://xxxxx.com:53280 by requestor from file:///xxxxx/Main.swf has failed because the server cannot be reached.
  The error is this:
  Security error: [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: file:///opt/Develop/glig/Flash/Widgets/chat/Main.swf cannot load data from xxxxx.com:53280."]
  The sandbox mode is: localWithNetwork
  The flash player version is: 10,0,22,87
  I also used the line Security.loadPolicyFile("xmlsocket://xxxxx.com:53280"), but without success.
  The remote server is reachable and responding to <policy-file-request/>, but does not register any connection attempts.
  This all worked perfectly fine with version 9, where it would do a http request for crossdomain.xml. According to all the documentation I've read, my approach should work, but the player isn't even attempting to connect.
  Does anyone have an idea?

  You may have already solved this, but here's a response anyways.
  Is your socket server serving up the policy file, or your web server (i.e. through HTTP)? If you are connecting through sockets, then the policy file must be served up through the socket server, it doesn't care about an HTTP policy.
  Good luck!
  Taylor
  4Point Solutions Ltd.
  http://blogs.4point.com/taylor.bastien/

• SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: cannot access

  When we try to print the Google Map API for Flash component, it is throwing the Security Sandbox Violation
        SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1 cannot access  http://mt1.google.com/vt/lyrs=m@171000000&hl=en&src=api&x=1&y=1&z=1&s=Gali&flc=x3t. No policy files granted access.
  at flash.display::BitmapData/draw()
  To avoid this error we tried to use the alternate API provided by library. But that also causing cross domain issue as it loading some 3d library internally which is not able to access our application.
  SecurityError: Error #2121: Security sandbox violation: BitmapData.draw: http://maps.googleapis.com/mapfiles/lib/map_1_20_10_3d.swf cannot access http://ps6143.persistent.co.in:8080/dv/SiteOptimizer/SiteOptimizer.swf/%5b%5bDYNAMIC%5d%5d /1http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1. This may be worked around by calling Security.allowDomain.
  at flash.display::BitmapData/draw()
  Please help us in resolving this issue.
  Thanks & Regrds,
  Ravi Darji

  There is no redirect... Charles is a web proxy so it will look completely legitimate to the browser.
  According to the help, it's getting the access request from the SWF itself and not the crossdomain.xml file:
  In the case of a source object other than a loaded bitmap, the source object and (in the case of a Sprite or MovieClip object) all of its child objects must come from the same domain as the object calling the draw() method, or they must be in a SWF file that is accessible to the caller by having called the Security.allowDomain()method.
  http://help.adobe.com/en_US/ActionScript/3.0_ProgrammingAS3/WS5b3ccc516d4fbf351e63e3d118a9 b90204-7d1b.html#WS5b3ccc516d4fbf351e63e3d118a9b90204-7c4a
  So the default state accessing a SWF on a different domain is protected, unless that SWF allows some or all domains to access it via the Security.allowDomain() method.

• Security Sandbox violation bitmapData.draw() cant access null

  very strange.  I am testing with two different HD streams.  One an akamai stream and another one of our clients not on akamai and using an F4M manifest file.  I have tried allowing the domain and they have a crossdomain.xml file on their side but i still get this error.  
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://web.mobilerider.com/flash/osmflive/OSMF_Live.swf?mediaID=190&vendorID=513&extras=vs :1,skin:osmf_live,muteOn:0,autoplay:1,live:1,showArchive:1,&serviceID=2&jsID=1316213568052 cannot access null. No policy files granted access.
  any help would be very appreciated, thanks

  Hello!
  This seems to be relevant:
  http://forums.adobe.com/message/3759490#3759490

• Air app, Rest service, Security sandbox violation

  Hi All,
    I wrote an app a couple of years ago using flex 3 that connects to a number of remote web services and does various things.
  This worked fine.
  Now I have been asked by the customer to update the app as it stopped working at some point.
  I am trying to use the resthttpservice library to do a PUT operation, but I am getting the following error when I try and create a socket to the remote server:
  Error #2048: Security sandbox violation: app:/main.swf cannot load data from http://my.host:8182
  Now, it's been a while since I've done anything with flex so I am rusty. But this error is usually fixed by having a crossdomains.xml file on the remote server. But it was my understanding that this was only required when one's app was running from within the browser and that desktop applications are not effected.
  Can anyone clarify this for me? It seems that there were changes made to the flash player in version 10 that might have changed this.
  I am very puzzled at this point!
  thanks for any help!

  These articles discuss security changes between FP 9 and 10:
  http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9-10_security.html
  What is impacted?
  This change can potentially affect any SWF file accessing cross-domain content. This change affects SWF files of all versions played in Flash Player 10 and later. This change affects all non-app content in Adobe AIR (however, AIR app content itself is unaffected).
  What do I need to do?
  Read the article: http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html

• Security violation connecting to socket

  We have a Windows application that is installed locally and
  listens to port 9999. It receives XML and responds with XML.We also
  have a Flex application that opens an XML socket to localhost and
  port 9999 and is able to communicate with our Windows application
  when run locally. However, when deployed to a web server, it
  triggers a Security sandbox violation.
  From all that I've read, the thing to do here is edit the
  crossdomain.xml file to allow access to that port. However, this
  doesn't seem to work. Currently, our Flex app is running on "
  http://localhost:3000/" and "
  http://localhost:3000/crossdomain.xml"
  contains the following:
  <?xml version="1.0" ?>
  - <cross-domain-policy>
  <allow-access-from domain="*" to-ports="*" />
  </cross-domain-policy>
  I've tried specifying the domains and ports specifically, but
  that doesn't seem to do anything. What am I doing wrong? Thanks in
  advance.

  If you still need an answer to this: I think you need to
  create an application that will serve a socket policy file to the
  flash player to let it know that it can create a socket connection
  to port 9999. See
  http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html
  for more details. Hope that helps!

• How to resolve security sandbox violation (Error#2148) in Flex 3 on XP?

  Hi,
  When I tried to access an image on c:\ (on XP), I get the following error:
  *** Security Sandbox Violation ***
  Connection to file:///C:\DBFiles\3.jpg halted - not permitted from http://localhost/test-debug/test.swf
  -- Remote SWFs may not access local files.SecurityError: Error #2148: SWF file http://localhost/ullmanphp-debug/ullmanphp.swf cannot access local resource file:///C:\DBFiles\INDSprintOrgChart.pptx\3.jpg. Only local-with-filesystem and trusted local SWF files may access local resources.
  at flash.display::Loader/_load()
  at flash.display::Loader/load()
  It looks like some sort of mismatch on security settings. I have done the following so far (based on what I got by googling....)
  1. Flex comipler setting additional compiler arguments:  -use-network=false
  2. I have added a crossdomain.xml on the source directory with these lines...
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
  However, error is still appearing. How do I fix this for testing on my local machine. I cannot move to a webserver at this time.
  Thanks!.

  How do I set Security.sandboxType related to flash player? When I try to see it in my application through debugger it says "remote". I think I need to set it to one of the following from the adobe manual pages...
  Security.sandboxType has one of the following values:
  remote (Security.REMOTE)—This file is from an Internet URL and operates under domain-based sandbox rules.
  localWithFile (Security.LOCAL_WITH_FILE)—This file is a local file, has not been trusted by the user, and it is not a SWF file that was published with a networking designation. The file may read from local data sources but may not communicate with the Internet.
  localWithNetwork (Security.LOCAL_WITH_NETWORK)—This SWF file is a local file, has not been trusted by the user, and was published with a networking designation. The SWF file can communicate with the Internet but cannot read from local data sources.
  localTrusted (Security.LOCAL_TRUSTED)—This file is a local file and has been trusted by the user, using either the Flash Player Settings Manager or a FlashPlayerTrust configuration file. The file can read from local data sources and communicate with the Internet.
  application (Security.APPLICATION)—This file is running in an AIR application, and it was installed with the package (AIR file) for that application. By default, files in the AIR application sandbox can cross-script any file from any domain (although files outside the AIR application sandbox may not be permitted to cross-script the AIR file). By default, files in the AIR application sandbox can load content and data from any domain.
  Any input on how to set it would be greatly appreciated. Thanks!

• Security Sandbox violation, opening links in Flash player

  Hi,
  I have a swf content and its content served from a content management server say for eg, http://www9.abc.com into the html file which is served from http://qwww9.abc.com The links embedded in the flash were not working, when these links are clicked I get this error when tried with Flash debugger player.
  *** Security Sandbox Violation ***SecurityDomain 'http://qwww9.abc.com/' tried to access incompatible context 'https://www9.abc.com/sample.swf'
  I had set a crossdomain policy file in a custom location in the content management server for this issue, but with the Flash player 9,0,115,0 this stopped working due to default policy change to "master-only". I will not be able to have this policy file in the root folder of the content management server or have the policy set in the HTTP response header.
  Is there anyother solution for this issue, for having the links work without setting the crossdomain policy file?
  Thanks in advance...

  How do I set Security.sandboxType related to flash player? When I try to see it in my application through debugger it says "remote". I think I need to set it to one of the following from the adobe manual pages...
  Security.sandboxType has one of the following values:
  remote (Security.REMOTE)—This file is from an Internet URL and operates under domain-based sandbox rules.
  localWithFile (Security.LOCAL_WITH_FILE)—This file is a local file, has not been trusted by the user, and it is not a SWF file that was published with a networking designation. The file may read from local data sources but may not communicate with the Internet.
  localWithNetwork (Security.LOCAL_WITH_NETWORK)—This SWF file is a local file, has not been trusted by the user, and was published with a networking designation. The SWF file can communicate with the Internet but cannot read from local data sources.
  localTrusted (Security.LOCAL_TRUSTED)—This file is a local file and has been trusted by the user, using either the Flash Player Settings Manager or a FlashPlayerTrust configuration file. The file can read from local data sources and communicate with the Internet.
  application (Security.APPLICATION)—This file is running in an AIR application, and it was installed with the package (AIR file) for that application. By default, files in the AIR application sandbox can cross-script any file from any domain (although files outside the AIR application sandbox may not be permitted to cross-script the AIR file). By default, files in the AIR application sandbox can load content and data from any domain.
  Any input on how to set it would be greatly appreciated. Thanks!

• Error #2048: Security sandbox violation

  I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.
  I'm testing out Gumbo in my same environment (new workspace): WAMP based
  My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.
  Specifically:
  - I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)
  - I set method to POST and useProxy to false
  (<fx:Declarations>
          <s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>)
  - I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says
  body = (null)
    clientId = "DirectHTTPChannel0"
    correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
    destination = ""
    extendedData = (null)
    faultCode = "Channel.Security.Error"
    faultDetail = "Destination: DefaultHTTP"
    faultString = "Security error accessing url"
    headers = (Object)#1
      DSStatusCode = 0
    messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
    rootCause = (flash.events::SecurityErrorEvent)#2
      bubbles = false
      cancelable = false
      currentTarget = (flash.net::URLLoader)#3
        bytesLoaded = 0
        bytesTotal = 0
        data = (null)
        dataFormat = "text"
      eventPhase = 2
      target = (flash.net::URLLoader)#3
      text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
      type = "securityError"
    timestamp = 0
    timeToLive = 0
  *NOTE: I obfuscated parts of the url for security reasons
  I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)
  I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...
  Is this a bug or am I missing something new in the Gumbo ?
  Again: my swf file is in a folder in the webroot on my ISP
  also inside that folder is another folder with an XML file in it
  I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)
  changing the url to an absolute makes no difference...
  thanks in advance for any help

  Sure...
  here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:
  private var loader : URLLoader = new URLLoader();
  private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated
  protected function Application_creationComplete():void
      // This works...
      loader.addEventListener( Event.COMPLETE, parseContent );
      loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );
      // This does not...
      /* contentService.addEventListener( ResultEvent.RESULT, parseContent );
          contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
      try
          loader.load( req );
      catch (err:Error)
          Alert.show("In Try Catch Error Block: " + err.message);
          currentState='home';
  the HTTPService was set up like this: (again, i obfuscate the URLs for security)
      <fx:Declarations>
          <s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>
  the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.
  hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs)

• Error #2048 (Sandbox Violation) in AIR prevents future hostname resolution

  Scenario:
  Create an application which tries opening 100 socket connections. This in turn triggers an Error #2031(Socket Error) on a few of them, I believe this is a limitation in Flash? or something similar? After a few seconds, those same socket connections will trigger an Error #2048 (Security Sandbox Violation).
  If the hostname which you used to connect to the sockets is a name (ex: "localhost") it will prevent any new connections from opening at all and will trigger an Error #2048 on all those future connections even though they are completely unrelated to the first.
  If the hostname which you use is an IP Address ("127.0.0.1") those individual connections will have failed but no future interaction will be affected.
  Problem:
  1) Why is an AIR application triggering a security sandbox error at all?
  2) Why is this error locking up hostname resolution?
  3) Is this in fact a hostname resolution problem since there are no issues when using an IP address?
  3a) In my testing it appears that once the Error #2048 "locks" resolution, it can be "unlocked" by using an IP Address on any socket (any successful socket connection really) which will restore the name resolution capability. Or so it seems.
  Any help would be greatly appreciated. Until I nailed down the specific cases where this was happening the errors appeared very byzantine.
  It is not only the Error #2031 from too many connections that triggers the Error #2048. The main problem is that Error #2048 is triggered by unspecified socket errors (unexpected close for example) and hence locks up future connections.
  The reason this is such a problem is that I'm creating an application specifically for the purpose of monitoring a custom server so errors do happen, and if future requests cannot complete a connection due to name lookup failure it can cause a huge problem for monitoring validity.

  Any help with this would be greatly appreciated.