安全沙箱违规:缺少策略文件权限 [英] Security Sandbox Violation: Lack of Policy File Permissions

问题描述

我正在使用 as3httpclientlib 将数据发布到我的网络服务，但我一直在获得以下安全违规.有谁知道如何解决这个问题?我的 crossdomain.xml 文件在安全违规通知下方.

I'm using as3httpclientlib to post data to my web service, but I'm continually getting the following security violation. Does anyone know how to resolve this? My crossdomain.xml file is below the security violation notice.

注意:我使用 apache 来代理对 web 服务的请求，因此目标 url/port 和为小程序提供服务的 url/port 是相同的——即 http://192.168.100.101.此外，crossdomain.xml 文件位于 Web app 的根目录中，该应用程序为小程序提供服务，而不是 Web 服务；但是，由于请求是代理的，文件的 url 是 http://192.168.100.101/crossdomain.xml

NOTE: I'm using apache to proxy requests to the web service, therefore the target url/port and the url/port serving the applet are the same -- i.e. http://192.168.100.101. Also, the crossdomain.xml file is located in the root of the web app which serves the applet rather the web service; however, since the requests are proxied the url for the file is http://192.168.100.101/crossdomain.xml

* 违反安全沙箱 * 连接到 192.168.100.101:80停止 - 不允许从http://192.168.100.101/com-web/flex/ComUi.swf错误:请求资源在xmlsocket://192.168.100.101:80 由请求者来自http://192.168.100.101/com-web/flex/ComUi.swf由于缺少策略文件而被拒绝权限.

* Security Sandbox Violation * Connection to 192.168.100.101:80 halted - not permitted from http://192.168.100.101/com-web/flex/ComUi.swf Error: Request for resource at xmlsocket://192.168.100.101:80 by requestor from http://192.168.100.101/com-web/flex/ComUi.swf is denied due to lack of policy file permissions.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
<allow-access-from domain="*" to-ports="80, 8080" />
</cross-domain-policy>

谢谢.

推荐答案

您是否尝试使用 WireShark 进行调试，查看应用程序是否在端口 843 上发送请求以及服务器是否通过套接字返回响应?如果您已经使用服务器应用程序来提供策略文件，您的帖子中并不完全清楚，如果没有，您应该，无论哪种方式，下面的链接应该会有所帮助.

Did you tried to debug it with WireShark, see if the app sends the request on port 843 and if the server sends back the response via socket? It was not totally clear in your post if you already use a server app to serve the policy file, if not, you should, either the way, the link below should help.

如果您需要有关工作原理的更多信息，可以查看this

If you need more info about how things work, you can check out this

这篇关于安全沙箱违规:缺少策略文件权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！