Youtube API 违反安全沙盒 [英] Security Sandbox Violation with Youtube API

问题描述

我收到一条非常烦人的运行时错误消息，它在我的 Flash 应用程序在浏览器中运行时崩溃.当我尝试访问 Youtube 的 Gdata api 时，该错误与安全沙盒违规"有关.确切的错误信息如下:

I'm getting a very annoying run time error message, which crashes my flash application when it runs in the browser. The error pertains to a 'Security Sandbox Violation' when I attempt to access Youtube's Gdata api. The exact error message reads:

Error: Request for resource at https://gdata.youtube.com/feeds/api/videos?
key=As##2PVR2#lPj#0bVaw_Tvjx1MI6qeAI1gORxErVYDzu2zZy4D18bf8T6pHxsPgIOhs3_44Te
YTVlYLx49goUPbv00udousA&q=The-Muppets-official-trailer&alt=json&max-results=1 
by requestor from http://###.com/cws/f/VV.swf is denied due 
to lack of policy file permissions.
*** Security Sandbox Violation ***

当我在本地运行 SWF 时，一切正常.

When I run the SWF locally, everything works fine.

有什么想法吗?

谢谢.

我刚刚添加了这些行，但仍然没有运气.

I've just added these lines, but still no luck.

Security.loadPolicyFile("http://www.mydomain.com/crossdomain.xml");
Security.loadPolicyFile("https://gdata.youtube.com/crossdomain.xml");
Security.allowDomain("https://gdata.youtube.com");
Security.allowDomain("gdata.youtube.com");

推荐答案

您需要根据 Adob​​e Flash 安全规则指定一个 crossdomain.xml 策略文件.

You need to specify a crossdomain.xml policy-file according to Adobe Flash security rules.

1) 将crossdomain.xml放在你网站的根目录

1) Place the crossdomain.xml at the root directory of your website

2) 示例内容(不推荐)

    <?xml version="1.0"?>
    <cross-domain-policy>
       <allow-access-from domain="*" />
    </cross-domain-policy>

3) 将策略文件加载到您的项目中 (AS3):

3) Load the policy-file into your project (AS3):

    System.security.loadPolicyFile("http://www.DOMAIN.net/crossdomain.xml");

阅读参考文档了解更多信息.

Read the reference document for further information.

这篇关于Youtube API 违反安全沙盒的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！