-
Error #2048 -- At a loss!
I've got some strange stuff going on. I have a SWF that is hosted on server A. I have a php file on server B that processes forms. My SWF sends form information to server B and expects to get a set of variables returned (form processed successfully or not).
The SWF is built in AS3. The code is written like this:
Code:
// SEND FORM INFO
//-- collect variables
var variables:URLVariables = new URLVariables();
variables.email = txtEmail.text;
//-- set up request for URL
var myRequest:URLRequest = new URLRequest();
myRequest.url = "https://services.processingserver.com/postdata/";
myRequest.method = URLRequestMethod.POST;
myRequest.data = variables;
//-- process loader
var myLoader:URLLoader = new URLLoader();
//myLoader.dataFormat = URLLoaderDataFormat.VARIABLES;
try
{
myLoader.load(myRequest);
}
catch (error:ArgumentError)
{
trace("An ArgumentError has occurred.");
txtPrompt.text = "SERVER ARGUMENT ERROR";
}
catch (error:SecurityError)
{
trace("A SecurityError has occurred.");
txtPrompt.text = "SERVER SECURITY ERROR";
}
myLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS,httpStatusHandler);
myLoader.addEventListener(IOErrorEvent.IO_ERROR,errorHandler);
myLoader.addEventListener(Event.OPEN, openHandler);
myLoader.addEventListener(ProgressEvent.PROGRESS, progressHandler);
myLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, securityErrorHandler);
myLoader.addEventListener(Event.COMPLETE,completeHandler);
....
function securityErrorHandler(e:SecurityErrorEvent):void
{
txtPrompt.text = "SERVER SECURITY ERROR - "+e.text;
}
It works fine when I test it from a local file. However, when I post the form SWF to the live server, it returns an Error #2048, triggered by the securityErrorHandler function.
The remote server has a crossdomain.xml file, and the server that the SWF is posted on has the file too. This is the code in the xml file:
Code:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cross-domain-policy>
I've tried adding this code to the SWF:
Code:
Security.allowDomain("*");
Security.loadPolicyFile("https://services.processingserver.com/crossdomain.xml");
What am I doing wrong?
Best,
--eric
-
sorry, was not clear on one thing...is the swf sending the form data on server A, B, or neither?
-
Senior Member
Last edited by cancerinform; 08-21-2008 at 09:52 AM.
- The right of the People to create Flash movies shall not be infringed. -
-
Hey there!
thanks for the responses. @mlecho -- The flash which is sitting on Server A takes the variables, submits them via POST to a php file sitting on Server B, which then returns a bunch of success/fail variables back to the Flash on Server A.
@cancerinform -- Yeah, I've been poring over that article as well as Adobe's published server permissions specs and I can't see what I'm doing wrong. As far as I can tell I'm complying with everything.
Any ideas?
Best,
--eric
-
Another thought -- are there any things BESIDES actual security errors that trigger the error #2048 notice?
Best,
--eric
-
If user loads SWF via HTTPS you have to set <allow-access-from domain="*" secure="true"/>
>> catch (error:SecurityError)
URLLoader.load() doesn't throw SecurityError, you have to subscribe to SecurityErrorEvent.SECURITY_ERROR event.
Last edited by wvxvw; 08-26-2008 at 04:18 PM.
-
Thanks for the info wvxvw!
I updated the cross-domain policy file to be secure="true" but I'm still getting the security error. Any other ideas?
regarding the "catch" -- you're totally right; that's why I have the "myLoader.addEventListener(SecurityErrorEvent.SECU RITY_ERROR, securityErrorHandler);" event listener in there. It's that error that's notifying me that I'm getting error #2048.
I'm still stumped -- any other ideas?
Thanks,
--eric
-
Here's what you may try to do for testing: there's no error generated in FP9.124 if Security.loadPolicyFile() fails, but it will generate an error in FP10. So, may be just for the test update the player to the next version to see if the crossdomain was received and properly recognized?
-
Cool idea -- I'll give that a shot!
-
Here's an update: I installed Flash Player 10. If I try to submit the form from the live site, I get the exact same "Error #2048" message. If I test locally, the form works fine, but it worked fine locally when I had Flash Player 9 installed.
Any other ideas?
Thanks,
--eric
-
Hm... Are you sure you call Security.loadPolicyFile() before connecting to WS? And, is SWF itself loaded using HTTPS? And is crossdomain.xml displayed if you try to view it in browser? And are the ports used for retrieving crossdomain XML and connecting to WS the same (not 80 and 8080 for eg.)
Right now it looks like you're successfully getting permissions to load, but then load from another URL... But if this isn't the case, then I don't know what else can it be...
-
OK - I finally found what the problem was! It turns out that the server that was serving up the crossdomain XML was returning it as type "application/x-httpd-php5-source". Turns out that Flash 9's new strict security policy will only accept crossdomain xml files that are content type "text/*" (any type of text), "application/xml", or "application/xhtml+xml". It is, of course, extremely difficult to identify this error because you need to have Flash 9 debugger version installed, policy file logging enabled, and you need to read your policy file log.
I've posted a more thorough explanation of the problem and solution on my blog: http://www.thecosmonaut.com/2008/08/...-policy-files/
Thanks for everyone's input!
Best,
--eric
-
Hi guys,
I need help BIG TIME!
I have a project to deliver in 2 days and I just had access to the environment where the flash will be published. And I get "Error #2048" as well! But the difference between your problem, is that the SWF and the XML file are hosted at the same domain, but I still get that security error ?!?!?!
The only think though, is that this domain is under HTTPS. Both files are under the same domain, they just live in different directories, for example "https://mydomain.com/swf/myswf.swf" and "https://mydomain.com/xml/myxml.xml".
I'm desperately looking for help!!! Please please please The whole contract is now at stake because of that... and I can't find any documentation anywhere else!!!!
Thanks tons!
Dominic
-
Senior Member
use the relative path to the files and not the absolute.
And next time start a new thread. Don't invade other users threads.
- The right of the People to create Flash movies shall not be infringed. -
-
The quicktime error should have nothing to do with the error being discussed here. And as always, be very careful about downloading any executable from an untrusted site.
-
link?
Anyway you can post the corrected link for your blog article?
Thank you!
kathleen.
Originally Posted by erico564
OK - I finally found what the problem was! It turns out that the server that was serving up the crossdomain XML was returning it as type "application/x-httpd-php5-source". Turns out that Flash 9's new strict security policy will only accept crossdomain xml files that are content type "text/*" (any type of text), "application/xml", or "application/xhtml+xml". It is, of course, extremely difficult to identify this error because you need to have Flash 9 debugger version installed, policy file logging enabled, and you need to read your policy file log.
I've posted a more thorough explanation of the problem and solution on my blog: http://www.thecosmonaut.com/2008/08/...-policy-files/
Thanks for everyone's input!
Best,
--eric
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|