Click to See Complete Forum and Search --> : XML not working when SWF is served

07-03-2001, 12:08 PM
I have an SWF that is loading XML from a JSP. It worked fine during development with local test.xml files, and also when I started pointing directly to the JSP server running the swf locally. I didn't discover the issue until I attempted to run the swf off of the server.

My onLoad event handler is being called immediately with the "success" parameter equal to "false". All indications point to the XML being empty.

I believe the issue may have something to do with forming the servlet call because it does work if I serve my test.xml files off of the same server using a full path to call the XML. I have printed the call to a text field in the SWF. I can copy it and paste it into a browser window and I get the XML fine (it's a full, not relative, path). The problem seems to be with Flash making the call when it's served.

The JSP servlets are running on Weblogic, but I have partially replicated the problem with Apache.

If anyone is familiar with this issue please fill me in, or point me to a resource that can help me find a work around. Thanks in advance!


07-03-2001, 12:45 PM
Sorry bro.. JSP == no clue. If you want you can send me the FLA and I can try to see if there's problems in that...

07-03-2001, 02:24 PM
Perhaps the JSP bit is misleading. It may not be related to my problem.

After a more investigation I have narrowed down the suspects to the following:
A) Flash security (for preventing use of flash as a bridge) isn't allowing the transaction between the SWF at one IP and the servlet at another.
B) There is some issue with making the call, either internally with Flash or with the server (the location from which it is being served) -- possibly related to passing parameters on the call (or the use of the character for passing those parameters).

Of course, I see problems with both hypothesis, being:
A) The O'Reilly Actionscript Definitive Guide states that the security issue only affects the plug-ins and activeX control -- NOT the stand-alone flash player. I am finding this issue in the stand-alone player on both Mac and Windows.
B) I would expect that not being able to pass parameters on a call would be a much more high visibility issue. More people would have run into it, and there would be more posts on the issue (and people would more quickly recognize the issue and respond to my posts about it).

For clarification, what I'm seeing is this:
In Flash test mode and in the stand-alone player, I can run the SWF off of the file system and it loads the XML correctly.
From the stand-alone player or in a browser the SWF immediately fails when it is loaded served via http. The myXML.loaded property = True and the success parameter = False. Also, myXML.childNodes.length = 0.
I can print the URL that is being called when it runs via http to a variable text field, and when I copy that and paste it to a browser window it successfully loads the XML (so I can be sure that the string I am forming for the URL is absolutely correct).

If anyone knows anything about this, please respond. If you can forward me to someone who might know, or can point me to a resource that would be of use, please do.



07-03-2001, 03:06 PM
So if it works in one instance, but not in another - I can't help. Your code is good if it works in one instance. If it won't work in all instances it's a compatability issue. Make sure you have the latest players/browsers etc., but other than that... sorry!

I know you might already be aware of what I've told you, but that's all I know...

Anybody else out there have a clue?? Anybody else run into the same problems???

07-09-2001, 08:48 PM
It does sound like a security problem from your description of the setup, though I can't explain why the standalone can't load from different IPs/remote hosts.

Are the swf and servlet at different IPs?
if so have you tried serving them from the same IP?

07-10-2001, 09:42 PM
It was a security thing. The swf and the servlets were at different IPs. I put them in the same place and it is now working.

Not a very well documented "feature".


07-10-2001, 09:49 PM
It is actually documented.. but you do kinda have to dig to find it... and it is kinda hard to understand for some of us... oh well!

07-11-2001, 09:46 AM
its the same security setup as javascript; it's just with javascript you can get around it using signed scripts.
I don't think you can do this in flash...yet.