如何将 crossdomain.xml 用于我的 Flash 项目...? [英] How to use crossdomain.xml for my flash project...?
问题描述
这让我发疯...我正在尝试使用 Flash 构建一个 youtube 播放器,每次加载视频时,都会出现运行时安全沙箱错误..我已经将 crossdomain.xml 放在我的根服务器中 http://mysite.com 但我仍然收到错误......我错过了什么吗?我必须将它加载到我的 flex 项目中吗??感谢您的回复...
This drives me crazy...I am trying to build a youtube player with flash and everytime I load a video, there is a runtime security sandbox error..I already put crossdomain.xml in my root server http://mysite.com but I am still getting the errors...Do I miss something? Do I have to load it into my flex project??Thanks for the reply...
我的 crossdomain.xml
My crossdomain.xml
<!-- <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.youtube.com"/>
<allow-access-from domain="s.ytimg.com"/>
</cross-domain-policy>
-->
编辑:20100811T0723;这是来自 http://popslinger.org/crossdomain.xml
Edit: 20100811T0723; this is the actual XML from http://popslinger.org/crossdomain.xml
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain- policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
推荐答案
我也遇到了很多错误,但它们通常似乎在 YouTube 一边
I get a lot of errors too but they generally seem to be on YouTube's side
这是一个例子:
*** Security Sandbox Violation ***
SecurityDomain 'http://www.youtube.com/apiplayer?version=3' tried to access
incompatible context 'http://s.ytimg.com/yt/swf/apiplayer3-vfl181412.swf'
如您所见,这些都是 YouTube 域
As you can see, these are both YouTube domains
所以我查看了 YouTube 自己的跨域策略文件.事实证明,这些文件需要更新.阅读以下:http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes_02.html#head1
So I had a look at YouTube's own crossdomain policy files. It turns out that those files need to be updated. Read the following: http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes_02.html#head1
这是来自 s.ytimg.com 的策略文件
Here is the policy file from s.ytimg.com
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
抛出以下警告
警告:域 s.ytimg.com 未指定元策略.应用默认的元策略master-only".此配置已弃用.请参阅 http://www.adobe.com/go/strict_policy_files 以解决此问题.
Warning: Domain s.ytimg.com does not specify a meta-policy. Applying default meta-policy 'master-only'. This configuration is deprecated. See http://www.adobe.com/go/strict_policy_files to fix this problem.
这是它应该是什么样子
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
</cross-domain-policy>
这是另一个警告:
警告:域 video-stats.video.google.com 没有明确指定元策略,而是策略文件的 Content-Type http://video-stats.video.google.com/crossdomain.xml 是text/x-cross-domain-policy".应用元策略按内容类型".
Warning: Domain video-stats.video.google.com does not explicitly specify a meta-policy, but Content-Type of policy file http://video-stats.video.google.com/crossdomain.xml is 'text/x-cross-domain-policy'. Applying meta-policy 'by-content-type'.
看来 YouTube 应该对此进行调查,所有这些警告和安全错误消息都非常烦人.
It looks like YouTube should look into this, all these warnings and security error messages are pretty annoying.
实际上,看看错误,如果您的域名没有出现在任何地方,则您的跨域文件工作正常.
Practically speaking, have a look at the errors, if your domain name doesn't appear anywhere, your crossdomain file is working fine.
这篇关于如何将 crossdomain.xml 用于我的 Flash 项目...?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!