This is crossdomain?

Similar Messages

• Flex encounters "Security error accessing url.Unable to load WSDL"

  i have created a flex application which connects to SAP via web service.
  when i try to run my flex application i encounter the following error.
  "Security error accessing url.Unable to load WSDL"
  i went through various posts relating a BSP application and crossdomain.xml
  i have created the crossdomain.xml file in the application and
  i tried those options and still not able to figure out the problem.
  the security error is because of the absence of the crossdomain.xml file, and in which path should i be saving the file?
  Kindly help me solve the problem.
  Thanks in advance.

  Have you seen this blog
  "Crossdomain.xml" in ABAP Web AS Server cache

• Security error accessing ur unable to load wsdl

  HI
  I am using a webservice(.net webservice) that is on my
  localhost and using it in flex application that is also on my
  system. Means both the webservice and flex application are on the
  same system.
  But when i gives the reference of the webservice using the
  system ip and run the application by the flex builder it generates
  the error as:
  mx.messaging.messages::ErrorMessage)#0
  body = (Object)#1
  clientId = "DirectHTTPChannel0"
  correlationId = "24CD6542-F141-1A05-BA35-00A108CB30A0"
  destination = ""
  extendedData = (null)
  faultCode = "Channel.Security.Error"
  faultDetail = "Destination: DefaultHTTP"
  faultString = "Security error accessing url"
  headers = (Object)#2
  messageId = "CC123DF0-0E6C-05FF-7894-00A109676283"
  rootCause = (flash.events::SecurityErrorEvent)#3
  bubbles = false
  cancelable = false
  currentTarget = (flash.net::URLLoader)#4
  bytesLoaded = 0
  bytesTotal = 0
  data = (null)
  dataFormat = "text"
  eventPhase = 2
  target = (flash.net::URLLoader)#4
  text = "Error #2170: Security sandbox violation:
  http://localhost:3000/MYCIMS/flex_bin/Design.swf
  cannot send HTTP headers to
  http://myip/MyServer/AdminWS.asmx."
  type = "securityError"
  timestamp = 0
  timeToLive = 0
  I have put crossdomain.xml file in the root of the localhost
  and made every changes possible in the crossdomain.xml file but the
  application is not running.
  Please somebody provide an effective solution, I have spend
  lots of time to resolve the problem but its not being....
  Thanks in advance
  Gopi Saini

  Have you seen this blog
  "Crossdomain.xml" in ABAP Web AS Server cache

• Security error accessing url (Unable to load WSDL)

  Hi folks.
  I have a Flex project that use a WCF webservice. In my localhost everything is allright, but I want to upload my flex project to a web host (http://www.dorj.ir) and upload my WCF webservice to a server that has a valid IP...
  After going to http://www.dorj.ir, you can see this error
  Security error accessing url
  Unable to load WSDL. If currently online, please verify the URI and/or format of the WSDL (http://ip/service.svc?wsdl)
  I put the crossdomain.xml file in the root of my server:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
       <allow-access-from domain="http://www.dorj.ir" />
       <allow-http-request-headers-from domain="http://www.dorj.ir" headers="SOAPAction"/>
  </cross-domain-policy>
  But I have the same error, yet...!
  what should I do?!

  Have you seen this blog
  "Crossdomain.xml" in ABAP Web AS Server cache

• Placing an object/file in defalut host root folder

  Hi All,
  I am facing a problem in placing a MIME object i.e. a XML file in the root folder.
  I have written a FLEX application which sends a request for a particular file in the root folder.
  It attempts to access the following link.
  http://mysap.xyz.com/crossdomain.xml
  I want to place this crossdomain.xml file in the root folder.
  Can I do it by using some transactions in SAP or it has to be done at the OS level.
  I tried uploading the file from MIME Repository and looked around in the SICF transaction, but with no success.
  Regards,
  Ameya

  Have a look at this thread: crossdomain.xml on WAS
  Kind regards,
  Roland

• HTTPService basic authorization headers...

  Hi,
  I am trying to programatically add the Authorization header to a HTTPService call, but apparently the flash player 9 and 10 remove this header. crossdomain.xml with
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM
  "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
    <allow-access-from domain="*"/>
    <allow-http-request-headers-from domain="*" headers="Authorization"/>
  </cross-domain-policy>
  Does not work either.
  My code is as follows:
  <?xml version="1.0" encoding="utf-8"?>
  <mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute">
      <mx:Script>
      <![CDATA[
      import mx.controls.Alert;
      import mx.rpc.events.ResultEvent;
      import mx.rpc.events.FaultEvent;
      import mx.utils.Base64Encoder;
         private function addAuthHeader(serv:*, username:String,password:String):void {
               //add the header to request
               var encoder : Base64Encoder = new mx.utils.Base64Encoder();
               encoder.insertNewLines = false;
               encoder.encode(username + ":" + password);
               var prop:String = "Basic "+ encoder.toString();
               serv.headers = {"Authorization":prop};
               //serv.headers["Authorization"] = "Basic " + encoder.toString();
               serv.send();
             private function getURL():void {
                addAuthHeader(myService, "admin", "crypticpassw");
              private function widgetResultHandler(event:ResultEvent):void
                  myText.text = event.result as XML;
              private function widgetFaultHandler(event:FaultEvent):void
                  Alert.show(event.fault.message, "Oeps..." + event);
      ]]>
      </mx:Script>
  <mx:HTTPService id="myService"
              url="http://localhost:8080/test/search/firstpage.xml"
              resultFormat="e4x"
                      result="widgetResultHandler(event);"
                      fault="widgetFaultHandler(event);"/>
  <mx:Button id="go" label="GO" click="getURL()" x="97" y="145"/>
  <mx:TextArea id="myText" x="97" y="48" width="223" height="89"/>
  <mx:Label x="97" y="22" text="Stop the custom search"/>
  </mx:Application>
  Can anyone tell me how I can get this functionality to work. The numerous examples on the web all look like mine, but none works because the header is removed before sending the request to the server.
  Kind regards,
  Marc de Kwant

  Hi,
  I am trying to programatically add the Authorization header to a HTTPService call, but apparently the flash player 9 and 10 remove this header. crossdomain.xml with
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM
  "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
    <allow-access-from domain="*"/>
    <allow-http-request-headers-from domain="*" headers="Authorization"/>
  </cross-domain-policy>
  Does not work either.
  My code is as follows:
  <?xml version="1.0" encoding="utf-8"?>
  <mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute">
      <mx:Script>
      <![CDATA[
      import mx.controls.Alert;
      import mx.rpc.events.ResultEvent;
      import mx.rpc.events.FaultEvent;
      import mx.utils.Base64Encoder;
         private function addAuthHeader(serv:*, username:String,password:String):void {
               //add the header to request
               var encoder : Base64Encoder = new mx.utils.Base64Encoder();
               encoder.insertNewLines = false;
               encoder.encode(username + ":" + password);
               var prop:String = "Basic "+ encoder.toString();
               serv.headers = {"Authorization":prop};
               //serv.headers["Authorization"] = "Basic " + encoder.toString();
               serv.send();
             private function getURL():void {
                addAuthHeader(myService, "admin", "crypticpassw");
              private function widgetResultHandler(event:ResultEvent):void
                  myText.text = event.result as XML;
              private function widgetFaultHandler(event:FaultEvent):void
                  Alert.show(event.fault.message, "Oeps..." + event);
      ]]>
      </mx:Script>
  <mx:HTTPService id="myService"
              url="http://localhost:8080/test/search/firstpage.xml"
              resultFormat="e4x"
                      result="widgetResultHandler(event);"
                      fault="widgetFaultHandler(event);"/>
  <mx:Button id="go" label="GO" click="getURL()" x="97" y="145"/>
  <mx:TextArea id="myText" x="97" y="48" width="223" height="89"/>
  <mx:Label x="97" y="22" text="Stop the custom search"/>
  </mx:Application>
  Can anyone tell me how I can get this functionality to work. The numerous examples on the web all look like mine, but none works because the header is removed before sending the request to the server.
  Kind regards,
  Marc de Kwant

• Meta-policy failure

  A client is running a webservice at
  https://www.client.com/subdir/wsdl. They have a crossdomain at
  https://www.client.com/subdir/crossdomain.xml. My swf runs off of
  http://www.mysite.com/. My swf
  has always been able to connect to https://www.client.com/subdir/
  until flash player 10 enforced a default meta-policy at the server
  root level. Now users with flash player 10 cannot use my swf to
  connect to my client.
  So according to the new rules, my client should setup a new
  meta-policy crossdomain at their root:
  https://www.client.com/crossdomain.xml. This new crossdomain should
  have the contents: <cross-domain-policy><site-control
  permitted-cross-domain-policies="all"/></cross-domain-policy>.
  This should allow any subdiretory crossdomain to work.
  It doesn't work. I tested this setup on two different HTTP
  servers, and it works. I read this article in detail:
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_03.html
  and I can't figure what else to do. Is there something about HTTPS?
  Should I just get the client to post a regular crossdomain at the
  root, instead of the meta-policy? I need a solution that works, as
  it's a pain for the client to make server root changes.
  Thanks

  can you open a webcase and we can get an agent on it? This
  needs more attention than I can give it just now..
  The meta-policy file looks fine to me..
  however, in the other crossdomain, if your resources are on
  https, then you need secure=true .... you show 'false'.
  From the article you linked to earlier:
  "Since policy files were introduced, Flash Player has
  supported a special attribute in the <allow-access-from>
  directives of policy files from HTTPS servers: secure="true". When
  secure="true" is specified, SWF files from the domain or domains
  listed in that <allow-access-from> directive are permitted to
  retrieve data only if those SWF files are themselves retrieved over
  HTTPS. This helps protect the data from HTTPS servers, and helps
  ensure that it does not flow to SWF files whose origin cannot be
  strongly authenticated."
  Beyond that (and opening a case) I'd strongly recommend
  enabling logging and seeing what errors are being thrown:
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_05.html
  Regards,
  Bentley Wolfe
  Senior Support Engineer, Flash/Flash Player/Digital Editions
  Adobe

• BI Widgets - The host cannot be connected

  Hello
  I get an error when I try to connect to SAP BusinessObjects XI 3.1 SP2 from BOBJ BI Widgets SP2.
  I get this error with SAP BusinessObjects XI 3.1 SP2. When I had SAP BusinessObjects XI 3.1 SP1 BI Widgets works fine. But now I get this error:
  Login exception (Error: FWM 01003). Server <servername> not found or server may be down (FWM 01003)#
  In Host and Login Preferences I put Host Name and Host URL next this screen show me "Connecting to URL successfully". Next I put User Name, Password and Authentication and click in OK. The error appear.
  I applied this SAP notes, but BI Widgets does not work.
  1255097, 1288027.
  Best Regards,
  Paulina

  Hi Ranjit
  Please check if cross domain is put in BusinessObjects Server in this directory: C:Program Files (x86)Business ObjectsTomcat55webappsROOT
  cross domain is a file "crossdomain.xml" it should be like that
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
  <allow-http-request-headers-from domain="" headers="" secure="false" />
  <allow-access-from domain="*" secure="false" />
  </cross-domain-policy>
  If you don't get this file. Open a notepad, copy the last code and save it with this name "crossdomain.xml". I think it should work.
  Regards,
  Paulina Villací

• XMLSocket Security Problem?

  Hello everyone.
  I've programmed a client and server side bandwidth testing
  system. The server side accepts socket connections on port 1234. I
  have a client side flash application which connects to the server
  side and uploads a stream of data. The server calculates the time
  is takes to receive the data thus determining the network
  bandwidth. The system appears to work perfect in the context of
  executing the flash client from the Flash compiler (i.e. Control |
  Test Movie "CTRL+Enter").
  The problem I'm having is that when I publish the flash .SWF
  and embed it into a simple .HTML file, the socket connection isn't
  working. If I try and run the .HTML file locally from my browser
  (i.e. URL=C:\Inetpub\wwwroot\Flash\Socket\Socket.html) it works
  fine. When I try to run the same file through my web server (i.e.
  URL=http://intranet/Flash/Socket/Socket.html) it fails to connect.
  I'm assuming this is some sort of security thing? Any help on why
  it works locally but not through my intranet would be greatly
  appreciated.
  Here's my client side flash code:

  I solved the problem. I think what happens is when a flash
  client attempts to make an XMLSocket connection to a destination
  server (where your server side applcation resides) on any port, in
  the context of a browser URL or non-local SWF file (i.e.
  http://www.yourserver.com/socketclient.swf),
  the flash client also checks the same destination web server's root
  directory for crossdomain.xml (via port 80). This file,
  crossdomain.xml, gives permission to the flash client to proceed
  with the socket connection. The crossdomain.xml file can be defined
  as follows:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "
  http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
  <allow-access-from
  domain="SERVERHOSTINGYOURSWFSOCKETCLIENT" />
  </cross-domain-policy>
  Just an interesting side note, by default, XMLSocket
  connections don't allow for port connections under 1024 unless
  configured to do so.

• XmlSocket.send() problem

  Hi,
  I am running two flash clients on 2 different computers. For the first computer, I am running it through flash CS3. For the second computer, I am running through flash 8. Both clients connect to a server and communicates with it. The client on the computer that runs the flash CS3 works perfectly. However, the other client starts off well but after some time, it seems that the statement xmlSocket.send(my_xml); does not propagate the whole xml string and this causes an error on the server. I would like to know if this is due to versioning issues? It seems that once the client that runs on the flash 8 has sent a certain amount of data, the error will occur where the next xml string will be truncated.
  In addition, I have tried running the second client on the latest flash player instead of from flash 8. It seems to work alright in that there are no abrupt truncations of the xml string. However, another problem arises. The outermost node of the xml string always becomes undefined whenever some action is performed. This does not occur on the first flash client running in flash CS3.
  Thank you.
  Regards
  Dobson Han

  I solved the problem. I think what happens is when a flash
  client attempts to make an XMLSocket connection to a destination
  server (where your server side applcation resides) on any port, in
  the context of a browser URL or non-local SWF file (i.e.
  http://www.yourserver.com/socketclient.swf),
  the flash client also checks the same destination web server's root
  directory for crossdomain.xml (via port 80). This file,
  crossdomain.xml, gives permission to the flash client to proceed
  with the socket connection. The crossdomain.xml file can be defined
  as follows:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "
  http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
  <allow-access-from
  domain="SERVERHOSTINGYOURSWFSOCKETCLIENT" />
  </cross-domain-policy>
  Just an interesting side note, by default, XMLSocket
  connections don't allow for port connections under 1024 unless
  configured to do so.

• Multiple plugtmp-1 plugtmp-2 etc. in local\temp folder stay , crossdomain.xml and other files containing visited websitenames created while private browsing

  OS = Windows 7
  When I visit a site like youtube whith private browsing enabled and with the add-on named "shockwave flash" in firefox add-on list installed and activate the flashplayer by going to a video the following files are created in the folder C:\Users\MyUserName\AppData\Local\Temp\plugtmp-1
  plugin-crossdomain.xml
  plugin-strings-nl_NL-vflLqJ7vu.xlb
  The contents of plugin-crossdomain contain both the "youtube.com" adress as "s.ytimg.com" and is as follows:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  -<cross-domain-policy> <allow-access-from domain="s.ytimg.com"/> <allow-access-from domain="*.youtube.com"/> </cross-domain-policy>
  The contents of the other file I will spare you cause I think those are less common when I visit other sites but I certainly don't trust the file. The crossdomain.xml I see when I visit most other flashpayer sites as well.
  I've also noticed multiple plugin-crossdomain-1.xml and onwards in numbers, I just clicked a youtube video to test, got 6 of them in my temp plus a file named "plugin-read2" (no more NL file cause I changed my country, don't know how youtube knows where I'm from, but that's another subject, don't like that either). I just noticed one with a different code:
  <?xml version="1.0"?>
  -<cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy>
  So I guess this one comprimises my browsing history a bit less since it doesn't contain a webadress. If these files are even meant to be deposited in my local\temp folder. The bigger problem occurs when they stay there even after using private browsing, after clearing history, after clearing internet temporary files, cache, whatever you can think of. Which they do in my case, got more than 50 plugtmp-# folders in the previous mentioned local\temp folder containing all website names I visited in the last months. There are a variety of files in them, mostly ASP and XML, some just say file. I have yet to witness such a duplicate folder creation since I started checking my temp (perhaps when firefox crashes? I'd say I've had about 50 crashes in recent months).
  I started checking my temp because of the following Microsoft Security Essential warnings I received on 23-4-12:
  Exploit:Java/CVE-2010-0840.HE
  containerfile:C:\Users\Username\AppData\Local\Temp\jar_cache2196625541034777730.tmp
  file:C:\Users\Username\AppData\Local\Temp\jar_cache2196625541034777730.tmp->pong/reversi.class
  and...
  Exploit:Java/CVE-2008-5353.ZT
  containerfile:C:\Users\Noname\AppData\Local\Temp\jar_cache1028270176376464057.tmp
  file:C:\Users\Noname\AppData\Local\Temp\jar_cache1028270176376464057.tmp->Testability.class
  Microsoft Security Essentials informed me that these files were quarantained and deleted but when going to my temp file they were still there, I deleted them manually and began the great quest of finding out what the multiple gigabytes of other files and folders were doing in that temp folder and not being deleted with the usual clearing options within firefox (and IE).
  Note that I have set my adobe flasplayer settings to the most private intense I could think of while doing these tests (don't allow data storage for all websites, disable peer-to peer stuff, don't remember exactly anymore, etc.). I found it highly suspicious that i needed to change these settings online on an adobe website, is that correct? When right-clicking a video only limited privacy options are available which is why I tried the website thing.
  After the inital discovery of the java exploit (which was discovered by MSE shortly after I installed and started my first scan with Malwarebytes, which in turn made me suspicious whether I had even downloaded the right malwarebytes, but no indication in the filename if I google it). Malwarebytes found nothing, MSE found nothing after it said it removed the files, yet it didn't remove them, manually scanning these jar_cache files with both malwarevytes and MSE resulted in nothing. Just to be sure, I deleted them anyways like I said earlier. No new jar_cache files have been created, no exploits detected since then. CCleaner has cleaned most of my temp folder, I did the rest, am blocking all cookies (except for now shortly), noscript add-on has been running a while on my firefox (V 3.6.26) to block most javascripts except from sites like youtube. I've had almost the same problem using similar manual solutions a couple of months ago, and a couple of months before that (clearing all the multiple tmp folders, removing or renaming jar_cache manually, running various antmalware software, full scan not finding a thing afterwards, installing extra add-ons to increase my security, this time it's BetterPrivacy which I found through a mozilla firefox https connection, I hope, which showed me nicely how adobe flash was still storing LSO's even after setting all storage settings to 0 kb and such on the adobe website, enabling private browsing in firefox crushed those little trolls, but still plugtmp trolls are being created, help me crush them please, they confuse me when I'm looking for a real threat but I still want to use flash, IE doesn't need those folders and files, or does it store them somewhere else?).
  I'm sorry for the long story and many questions, hope it doesn't scare you away from helping me fight this. I suspect it's people wanting to belong to the hackergroup Anonymous who are doing this to my system and repeating their tricks (or the virus is still there, but I've done many antivirus scans with different programs so no need to suggest that option to me, they don't find it or I run into it after a while again, so far, have not seen jar_cache show up). Obviously, you may focus on the questions pertaining firefox and plugtmp folders, but if you can help me with any information regarding those exploits I would be extremely grateful, I've read alot but there isn't much specific information for checking where it comes from when all the anti-virus scanners don't detect anything anymore and don't block it incoming. I also have downloaded and installed process monitor but it crashes when I try to run it. The first time I tried to run it it lasted the longest, now it crashes after a few seconds, I just saw the number of events run up to almost a million and lots of cpu usage. When it crashed everything returned back to normal, or at least that's what I'm supposed to think I guess. I'll follow up on that one on their forum, but you can tell me if the program is ligit or not (it has a microsoft digital signature, or the name micosoft is used in that signature).

  update:
  I haven't upgraded my firefox yet because of a "TVU Web Player" plugin that isn't supported in the new firefox and I'm using it occasionally, couldn't find an upgrade for it. Most of my other plugins are upgraded in the green (according to mozilla websitechecker):
  Java(TM) Platform SE 6 U31 (green)
  Shockwave for Director (green - from Adobe I think)
  Shockwave Flash (green - why do I even need 2 of these adobe add-ons? can I remove one? I removed everything else i could find except the reader i think, I found AdobeARM and Adobe Acrobat several versions, very confusing with names constantly switching around)
  Java Deployment Toolkit 6.0.310.5 (green, grrr, again a second java, why do they do this stuff, to annoy people who are plagued with java and flash exploits? make it more complicating?)
  Adobe Acrobat (green, great, it's still there, well I guess this is the reader then)
  TVU Web Player for FireFox (grey - mentioned it already)
  Silverlight Plug-In (yellow - hardly use it, I think, unless it's automatic without my knowing, perhaps I watched one stream with it once, I'd like to remove it, but just in case I need it, don't remember why I didn't update, perhaps a conflict, perhaps because I don't use it, or it didn't report a threat like java and doesn't create unwantend and history compromising temp files)
  Google Update (grey - can I remove? what will i lose? don't remember installing it, and if I didn't, why didn't firefox block it?)
  Veetle TV Core (grey)
  Veetle TV Player (grey - using this for watching streams on veetle.com, probably needs the Core, deleted the broadcaster that was there earlier, never chose to install that, can't firefox regulate that when installing different components? or did i just miss that option and assumed I needed when I was installing veetle add-on?)
  Well, that's the list i get when checking on your site, when i use my own browseroptions to check add-ons I get a slightly different and longer list including a few I have already turned off (which also doesn't seem very secure to me, what's the point in using your site then for anything other than updates?), here are the differences in MY list:
  I can see 2 versions of Java(TM) Platform SE 6 U31, (thanks firefox for not being able to copy-paste this)
  one "Classic Java plug-in for Netscape and Mozilla"
  the other is "next generation plug-in for Mozilla browsers".
  I think I'll just turn off the Netscape and Mozilla one, don't trust it, why would I need 2? There I did it, no crashes, screw java :P
  There's also a Mozilla Default plugin listed there, why does firefox list it there without any further information whether I need it or not or whether it really originates from Mozilla firefox? It doesn't even show up when I use your website plugin checker, so is there no easy way by watching this list for me to determin I can skip worrying about it?
  There's also some old ones that I recently deactivated still listed like windows live photo gallery, never remember adding that one either or needing it for anything and as usual, right-clicking and "visit homepage" is greyed out, just as it is for the many java crap add-ons I encountered so far.
  Doing a quick check, the only homepage I can visit is the veetle one. The rest are greyed out. I also have several "Java Console" in my extentions tab, I deactivated all but the one with the highest number. Still no Java Console visible though, even after going to start/search "java", clicking java file and changing the settings there to "show" console instead of "hide" (can't remember exact details).
  There's some other extentions from noscript, TVU webplayer again, ADblock Plus and now also BetterPrivacy (sidenote, a default.LSO remains after cleanup correct? How do I know that one isn't doing anything nasty if it's code has been changed or is being changed? To prevent other LSO's I need to use both private browsing and change all kinds of restrictions online for adobe flashplayer, can anyone say absurd!!! if you think you're infected and want to improve your security? Sorry that rant was against Adobe, but it's really against Anonymous, no offense).

• Problem with Home Sharing.  Getting the error "The Requested URL was not Found on this Server"

  I recently purchased an iPhone 5.  As I do with all of my AppleTVs, iPads, iPods and an iPhone 4 in my home, I connected the 5 to my home network and accessed the shared video library using home sharing.  My iTunes library is roughly 85% iTunes purchases, a handful of videos taken with iOS devices, and some video ripped with Handbrake.  All of these videos work fine on all devices in my home except my new iPhone 5.  When I access the shared video library on my iPhone 5, all of the textual data for all of the videos appears, however, I can only get the iPhone to play 1 video of the dozens in my iTunes library. When I try to play any other, I get the error, "The Requested URL was not Found on this Server."
  Interestingly, only one video in my entire shared library displays the artwork associated with it in my iTunes library on my iPhone 5, and that's the one I can stream without a problem. Even more interestingly, that video I am able to stream was ripped using Handbrake (there are a number in my library ripped using Handbrake, but just this one will stream to my iPhone 5 for some reason).
  I'm using the latest version of iTunes (10.7) on my home (iMac) computer (running OSX 10.8.2- Mountain Lion)and of course iOS 6 on the iPhone 5. I've tried resetting my iPhone several times as well as restarting my iMac which holds my iTunes library.
  Does anyone have any ideas as to what's going on?

  Can you see if you can view index page from a browser on iPhone.
  Have you seen live streams working from a different computer...
  if not then check if a proper crossdomain.xml file in its place(webroot folder).

• #2170 error calling a webservice from Xcelsius having crossdomain.xml

  Hello together,
  we are facing a #2170 error indicating we don't have a proper policy file in place when executing a published Xcelsius flash in SAP BI application portal.
  We created a WebService that is running an SAP BI System 7.01. The WebService is function module based and was generated following the wizzard. Afterwards we created a Xcelsius app that consumes data from this WebService (via data connection). The resulting flash from Xcelsius was pulished to SAP BI System (portal).
  Since there are many entries in the SDN and the internet in general we finally also created an crossdomain.xml file on the BI system which can be accessed and is visible by using "https://<server>/crossdomain.xml".
  Now the confusion begins: We exported the flash from Xcelsius to local desktop and executed the corresponding HTML-file. It's working and I can receive/see WebService data (after adjusting flash-security-settings). If we upload both exported files (html and swf) to the BI system (as MIME objects) and execute the html again we are also receiving WebServervice data. So far so good. But if we execute the link from the SAP BI Portal (Xcelsius menu > SAP > Start) we still get the error #2170 indicating we don't have a proper domain policy file in place. But for my understanding we do have. So currently I would assume the error message is somehow misleading.
  During all the activities I found out that this error is also raised if the user has insufficient authorization. My user has SAP_ALL authorization for testing purpose.
  In general I would say we are not that wrong with our Xcelsius/WebService if we are not coming from BI portal. So my questions are:
  1.) Are there any authorization on portal side that might not fit and lead to this error? If insufficient authorizations produces such an error ...
  2.) Did we miss any other stuff during our try/fail-operations?
  Many thanks in advance for your hints.
  Steffen

  Hi Rajat,
  This is how the default trace looks
  FATAL: Application Servlet failed to notify devices.
  Caught java.rmi.RemoteException: Service call exception; nested exception is:
       com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (503) Service Unavailable. The requested URL was:"http://<<server>>:50000/ManagementService/ManagementService?style=document"
       at com.om.mws.standaloneproxy.ManagementServiceBindingStub.notifyDevice(ManagementServiceBindingStub.java:1289)
       at com.om.mws.standaloneproxy.ManagementServiceBindingStub.notifyDevice(ManagementServiceBindingStub.java:1298)
       at com.om.ApplicationServlet$NotifyDevices.run(ApplicationServlet.java:86)
  Caused by: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (503) Service Unavailable. The requested URL was:"http://<<server>>:50000/ManagementService/ManagementService?style=document"
       at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.handleResponseMessage(MimeHttpBinding.java:980)
       at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1430)
       at com.om.mws.standaloneproxy.ManagementServiceBindingStub.notifyDevice(ManagementServiceBindingStub.java:1282)
       ... 2 more
  java.lang.NoSuchMethodError
  at java.lang.Thread.destroy(Thread.java:779)
       at com.omApplicationServlet$NotifyDevices.run(ApplicationServlet.java:92)
  Rgds
  Shashank

• How do i resolve Error #2032 ? Could anyone help on this?

  @Hi,
  I am using the following code to launch SWF file. When i launch the page, getting "Error #2032" from GUI.
  Could you please advise if any changes needs to be done in the following file?
  Do you think this is environmental issue?
  Please let us know how to troubleshoot the issue.
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
  <head>
  <title>Reports</title>
  <meta name="google" value="notranslate" />      
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <!-- Include CSS to eliminate any default margins/padding and set the height of the html element and
  the body element to 100%, because Firefox, or any Gecko based browser, interprets percentage as
  the percentage of the height of its parent container, which has to be set explicitly. Fix for
  Firefox 3.6 focus border issues. Initially, don't display flashContent div so it won't show
  if JavaScript disabled.
  -->
  <style type="text/css" media="screen">
  html, body { height:100%; }
  body { margin:0; padding:0; overflow:auto; text-align:center;
  background-color: #ffffff; }
  object:focus { outline:none; }
  #flashContent { display:none; }
  </style>
  <script type="text/javascript" src="swfobject.js"></script>
  </head>
  <body>
  <script type="text/javascript">
  var swfVersionStr = "10.2.0";
  // To use express install, set to playerProductInstall.swf, otherwise the empty string.
  var xiSwfUrlStr = "playerProductInstall.swf";
  var flashvars = {};
  var params = {};
  params.quality = "high";
  params.bgcolor = "#ffffff";
  params.allowscriptaccess = "sameDomain";
  params.allowfullscreen = "true";
  params.wmode="transparent"; // set proper z-index so swf won't go on top of mega menu
  var attributes = {};
  attributes.id = "TestMain";
  attributes.name = "TestMain";
  attributes.align = "middle";
  swfobject.embedSWF(
  "/acsview/pages/flex/TestMain.swf", "flashContent",
  "100%", "100%",
  swfVersionStr, xiSwfUrlStr,
  flashvars, params, attributes);
  // JavaScript enabled so display the flashContent div in case it is not replaced with a swf object.
  swfobject.createCSS("#flashContent", "display:block;text-align:left;");
  if (swfobject.ua.ie && swfobject.ua.win)
  swfobject.addLoadEvent(
  function()
  var app = swfobject.getObjectById("TestMain");
  if (app)
  app.focus();
  </script>
  <!-- SWFObject's dynamic embed method replaces this alternative HTML content with Flash content when enough
  JavaScript and Flash plug-in support is available. The div is initially hidden so that it doesn't show
  when JavaScript is disabled.
  -->
  <div id="flashContent">
  <p>
  To view this page ensure that Adobe Flash Player version
  10.2.0 or greater is installed.
  </p>
  </div>
  <noscript>
  <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="100%" height="100%" id="index">
  <param name="movie" value="TestMain.swf" />
  <param name="quality" value="high" />
  <param name="bgcolor" value="#ffffff" />
  <param name="allowScriptAccess" value="sameDomain" />
  <param name="allowFullScreen" value="true" />
  <!--[if !IE]>-->
  <object type="application/x-shockwave-flash" data="TestMain.swf" width="100%" height="100%">
  <param name="quality" value="high" />
  <param name="bgcolor" value="#ffffff" />
  <param name="allowScriptAccess" value="sameDomain" />
  <param name="allowFullScreen" value="true" />
  <!--<![endif]-->
  <!--[if gte IE 6]>-->
  <p>
  Either scripts and active content are not permitted to run or Adobe Flash Player version
  11.1.0 or greater is not installed.
  </p>
  <!--<![endif]-->
  <!--
  <a href="http://www.adobe.com/go/getflashplayer">
  <img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash Player" />
  </a>
  -->
  <!--[if !IE]>-->
  </object>
  <!--<![endif]-->
  </object>
  </noscript>
  </body>
  </html>
  We added crossdomain.xml file in the web application and still not working. The following is content of the crossdomian.xml file.
  <?xml version="1.0"?>
  <cross-domain-policy>
  <allow-http-request-headers-from domain="" headers="" secure="false" />
  <allow-access-from domain="*" secure="false" />
  </cross-domain-policy>
  Thanks in advance,
  Parimala
  Message was edited by: Parimaladevi Vadivel

  pwillener wrote:
  This is the Shockwave Player forum.
  Sorry, I was mistaken about that.  Still, the Flash or AS forum would be better.

• ScrollRect via crossdomain = NOGO!??

  Hi i'm having problems setting scrollRect from a function in MovieA.swf to a movieclip in MovieB.swf. the SWFs are located on different domains.
  Both files has the
  Code:
  System.security.allowDomain("*")
  in top of first frame.
  I've made a "sketch" of what i'm doing.
  In MovieB, i have function/class:
  Code:
  var theApp = function(args:Object){
       import flash.geom.Rectangle;
       var oo:Object = this
       oo.applyScrollRect = function(){
            args.container.scrollRect = new Rectangle(0, 0, 200, 40)
  This works within MovieB, i can do
  Code:
  var myAppInstance = new theApp({container:someMc})
  myAppInstance.applyScrollRect()
  Works fine..
  Now, if i load MovieB into MovieA.swf, and then create an instance after its loaded, then it doesent work.
  Code:
  $scope = this
  myApp = new loader_mc.theApp({container:$scope.box_mc2})
       myApp.applyScrollRect()
  //I can create the instance allright, but i cannot apply scrollRect
  I wan't to do it this way!!!.. but i guess it's not possible.
  NOTE: if MovieB is gets loaded from SAME domain, then everything works!, so clearly, this only breaks when SWF's are in different domains. So apparently, SOME things you simply CAN NOT DO crossdomain.. no matter what security settings you apply. Is that right?..i think its crap!
  EDIT: I attached a even more simplified example.. if you'd like to test, then upload theese two swfs on different domains, and make MovieA.swf load MovieB.swf..

  Hi i'm having problems setting scrollRect from a function in MovieA.swf to a movieclip in MovieB.swf. the SWFs are located on different domains.
  Both files has the
  Code:
  System.security.allowDomain("*")
  in top of first frame.
  I've made a "sketch" of what i'm doing.
  In MovieB, i have function/class:
  Code:
  var theApp = function(args:Object){
       import flash.geom.Rectangle;
       var oo:Object = this
       oo.applyScrollRect = function(){
            args.container.scrollRect = new Rectangle(0, 0, 200, 40)
  This works within MovieB, i can do
  Code:
  var myAppInstance = new theApp({container:someMc})
  myAppInstance.applyScrollRect()
  Works fine..
  Now, if i load MovieB into MovieA.swf, and then create an instance after its loaded, then it doesent work.
  Code:
  $scope = this
  myApp = new loader_mc.theApp({container:$scope.box_mc2})
       myApp.applyScrollRect()
  //I can create the instance allright, but i cannot apply scrollRect
  I wan't to do it this way!!!.. but i guess it's not possible.
  NOTE: if MovieB is gets loaded from SAME domain, then everything works!, so clearly, this only breaks when SWF's are in different domains. So apparently, SOME things you simply CAN NOT DO crossdomain.. no matter what security settings you apply. Is that right?..i think its crap!
  EDIT: I attached a even more simplified example.. if you'd like to test, then upload theese two swfs on different domains, and make MovieA.swf load MovieB.swf..