安全沙箱冲突与YouTube API [英] Security Sandbox Violation with Youtube API
问题描述
我得到一个非常恼人的运行时错误信息,我崩溃的Flash应用程序时,它运行在浏览器中。该错误涉及到一个安全沙箱冲突当我试图访问的Youtube的GData API。确切的错误消息如下:
错误:请求资源的https://gdata.youtube.com/feeds/api/videos?
关键=随着## 2PVR2#LPJ#0bVaw_Tvjx1MI6qeAI1gORxErVYDzu2zZy4D18bf8T6pHxsPgIOhs3_44Te
YTVlYLx49goUPbv00udousA和放大器; Q =的,提线木偶官方拖车和放大器; ALT = JSON和放大器;最大-结果= 1
从HTTP请求://###.com/cws/f/VV.swf因拒绝
缺乏策略文件权限。
***安全沙箱冲突***
当我在本地运行的SWF,一切工作正常。
任何想法?
感谢。
编辑:我刚刚添加了这些行,但仍没有运气
在Security.loadPolicyFile(http://www.mydomain.com/crossdomain.xml);
在Security.loadPolicyFile(https://gdata.youtube.com/crossdomain.xml);
的Security.allowDomain(https://gdata.youtube.com);
的Security.allowDomain(gdata.youtube.com);
您需要根据的Adobe Flash的安全规则,以指定的crossdomain.xml
政策文件。
1)将的crossdomain.xml
在您的网站的根目录
2)示例内容(不推荐)
< XML版本=1.0&GT?;
<交域政策>
<允许存取来自域=*/>
< /跨域策略>
3)加载策略文件到您的项目(AS3):
System.security.loadPolicyFile(http://www.DOMAIN.net/crossdomain.xml);
阅读 引用文档 了解更多信息
I'm getting a very annoying run time error message, which crashes my flash application when it runs in the browser. The error pertains to a 'Security Sandbox Violation' when I attempt to access Youtube's Gdata api. The exact error message reads:
Error: Request for resource at https://gdata.youtube.com/feeds/api/videos?
key=As##2PVR2#lPj#0bVaw_Tvjx1MI6qeAI1gORxErVYDzu2zZy4D18bf8T6pHxsPgIOhs3_44Te
YTVlYLx49goUPbv00udousA&q=The-Muppets-official-trailer&alt=json&max-results=1
by requestor from http://###.com/cws/f/VV.swf is denied due
to lack of policy file permissions.
*** Security Sandbox Violation ***
When I run the SWF locally, everything works fine.
Any ideas?
Thanks.
Edit: I've just added these lines, but still no luck.
Security.loadPolicyFile("http://www.mydomain.com/crossdomain.xml");
Security.loadPolicyFile("https://gdata.youtube.com/crossdomain.xml");
Security.allowDomain("https://gdata.youtube.com");
Security.allowDomain("gdata.youtube.com");
You need to specify a crossdomain.xml
policy-file according to Adobe Flash security rules.
1) Place the crossdomain.xml
at the root directory of your website
2) Example content (not recommended)
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
3) Load the policy-file into your project (AS3):
System.security.loadPolicyFile("http://www.DOMAIN.net/crossdomain.xml");
Read the reference document for further information.
这篇关于安全沙箱冲突与YouTube API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!