Flex crossdomain.xml 在 Chrome/Firefox 中无法正常工作? [英] Flex crossdomain.xml not working correctly in Chrome/Firefox?

问题描述

我已经在这方面花费了大量时间，所以这就是我卡住的地方.

I've spent quite a bit of time on this so here's where I'm stuck.

我正在使用调试播放器 10.1 从以下位置获取 XMLA 请求:

I'm using the debug player 10.1 to get an XMLA request from:

http://localhost/dir/blah.swf

到:

http://localhost/olapbin/msblah.dll

这在文件系统中运行良好，但现在它在 IIS7 Web 服务器上.

This worked fine in the filesystem, but now its on an IIS7 web server.

在对 crossdomain.xml 文件进行了大量摆弄之后，我决定了:

After a lot of fiddling with the crossdomain.xml file I settled on:

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" to-ports="*" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

放置在:

http://localhost/crossdomain.xml

并阅读:

Security.loadPolicyFile("http://localhost:80/crossdomain.xml");

我设置了策略文件日志记录(这有助于提出上述文件)在 IE8 上它一切正常.我得到:

I setup Policy file logging (which helped come up with the above file) and on IE8 its all working just fine. I get:

OK: Root-level SWF loaded: http://127.0.0.1/akts/ThinSlicerRunner.swf
OK: Policy file accepted: http://localhost/crossdomain.xml
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at http://localhost/olapbin/msmdpump.dll by requestor from http://127.0.0.1/akts/ThinSlicerRunner.swf
OK: Searching for <allow-http-request-headers-from> in policy files to authorize header sending to URL http://localhost/olapbin/msmdpump.dll by requestor from http://127.0.0.1/akts/ThinSlicerRunner.swf
OK: Request for resource at http://localhost/olapbin/msmdpump.dll by requestor from http://127.0.0.1/akts/ThinSlicerRunner.swf is permitted due to policy file at http://localhost/crossdomain.xml

在 Chrome 和 Firefox 上，我只知道:

On Chrome and Firefox I just get:

OK: Root-level SWF loaded: http://localhost/akts/ThinSlicerRunner.swf
OK: Policy file accepted: http://localhost/crossdomain.xml

没有别的……没有尝试授权 httpservice 请求.

and nothing else... no attempts to authorize the httpservice requests.

在主要的 flex 错误日志中我得到:

In the main flex error log I get:

*** Security Sandbox Violation ***
Connection to  
http://localhost/olapbin/msmdpump.dll
  halted - not permitted from http://localhost/akts/ThinSlicerRunner.swf

当我从 IE8 运行相同的东西时不会出现.知道发生了什么吗??

Which doesn't appear when I run the same thing from IE8. Any idea what's going on ??

根据要求...更多代码

AS REQUESTED... MORE CODE

主要发送请求:

var connection:TsConnection = this.__connection; 
var token:AsyncToken = new AsyncToken(null);
connection.service.request = this.__curSoapRequest;  
var actualToken:AsyncToken = connection.service.send();
__tokenArr.push(actualToken);
var responder:AsyncResponder = new AsyncResponder(resultHandler, faultHandler, actualToken);
__responderArr.push(responder);
actualToken.addResponder(responder);

连接对象亮点:

   public function init():void {

        //Initialize the service object needed to query the server

    this.__service = new HTTPService;
    this.__service.method = "POST";
    this.__service.contentType = "application/xml";
    this.__service.resultFormat = "e4x";
    this.__service.headers = getHeaders();
    this.__service.url = this.__model.xmlaUrl;
    this.__initialized = true;
}

public function get service():HTTPService {
    return this.__service;
}

private function getHeaders():Object {
    var o:Object = {};
    o["SOAPAction"] = '"urn:schemas-microsoft-com:xml-analysis:Discover"';
    o["Content-Type"] = "text/xml";
    return o;
}   

感谢您的帮助...希望在修复后对其他人有所帮助.;-)

Thanks for your help ... hope this helps others when fixed. ;-)

肖恩http://www.vidgridz.com/

推荐答案

感谢大家的回答.确实可以在代码中解决即使这不是一个真正的编码问题.

Thanks for everyone's answers. It was indeed able to be solved in the code even if it wasn't exactly a true coding problem.

这是我从中读取配置详细信息的 xml 数据文件:

Here is the xml data file I was reading the configuration details from:

<tsConnection>
<dataSource>megan</dataSource>
<database>Adventure Works DW 2008</database>                
<cube>Adventure Works</cube>
<xmlaUrl><![CDATA[ 
http://localhost/olapbin/msmdpump.dll
 ]]></xmlaUrl>
</tsConnection>

现在在localTrusted"或localWithNetworking"设置上，这工作得很好.即使在远程"，它也适用于 IE8 Flash 播放器.

Now on the "localTrusted" or "localWithNetworking" setup, this was working just fine. It also works on the IE8 Flash player even in "remote".

然而，发生的事情是 xmlaUrl 被读取为:

However, what was happening was that the xmlaUrl was being read as:

\n\rhttp://localhost/olapbin/msmdpump.dll

(以换行符和回车开头)这就是混淆域检查和抛出沙盒违规的原因在远程"安全沙箱中运行时.

(with the newline and carriage return at the start) This is was what was confusing the domain checking and throwing a Sandbox Violation when run in the "remote" security sandbox.

当然，我的xml应该更好，也许放了一些忽略白代码中的空间处理，但仍然有些奇怪，不一致Netscape 兼容浏览器 (10.1.x) 中 Flash 播放器代码的行为.

Of course, my xml should have been better, and maybe put in some ignore white space processing in the code, but still its quite some bizarre, inconsistent behavior from the Flash player code in Netscape compatible browsers (10.1.x).

所以最终可行的解决方案如下所示:

So the final, working solution looks like this:

<tsConnection>
<dataSource>megan</dataSource>
<database>Adventure Works DW 2008</database>                
<cube>Adventure Works</cube>
<xmlaUrl><![CDATA[http://localhost/olapbin/msmdpump.dll]]></xmlaUrl>
</tsConnection>

我确实在这个过程中成为了 crossdomain.xml 专家.;-)虽然，现在我根本不需要这个文件.

I did become a crossdomain.xml expert in the process though. ;-) Although, now I don't need the file at all.

请记住，如果您看到一些疯狂的无法解释的沙盒违规行为，请检查服务网址中的空白区域.

Bear it in mind if you see some crazy unexplained Sandbox Violations, check for white space in your service url.

这篇关于Flex crossdomain.xml 在 Chrome/Firefox 中无法正常工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！