如何使用的crossdomain.xml我的闪存项目...? [英] How to use crossdomain.xml for my flash project...?
问题描述
家伙.. 这让我疯狂......我想建立一个YouTube播放器,闪存,每次我打开一个视频,还有一个运行时的安全沙箱error..I已经把crossdomain.xml的在我的根服务器的 http://mysite.com 但我仍然得到错误...难道我错过了什么?我必须将其加载到我的Flex项目??感谢您的答复...
我的crossdomain.xml
<! - <!DOCTYPE跨域政策体系http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd >
<交域政策>
<* youtube.com允许访问,从域= />
<允许存取来自域=s.ytimg.com/>
< /跨域策略>
- >
修改:20100811T0723;这是来自 http://popslinger.org/crossdomain.xml
实际的XML <!DOCTYPE跨域政策体系http://www.macromedia.com/xml/dtds/cross-domain- policy.dtd>
<交域政策>
<允许存取来自域=*/>
< /跨域策略>
我得到了很多的错误太多,但他们一般似乎是在YouTube上的侧
下面是一个例子:
***安全沙箱冲突***
SecurityDomain中http://www.youtube.com/apiplayer?version=3尝试访问
不兼容的情况下http://s.ytimg.com/yt/swf/apiplayer3-vfl181412.swf
正如你所看到的,这些都是YouTube的域
所以我必须看看YouTube的自己的跨域策略文件。事实证明,这些文件需要被更新。阅读以下内容: 的http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes_02.html#head1
下面是s.ytimg.com
策略文件 <交域政策>
<允许存取来自域=*/>
< /跨域策略>
这引发以下警告
警告:域名s.ytimg.com没有指定元策略。应用默认元策略主只。此配置去precated。请参见 http://www.adobe.com/go/strict_policy_files 来解决这个问题。
和这里是它应该是什么样子
< XML版本=1.0&GT?;
<!DOCTYPE跨域,政策体系
http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<交域政策>
<现场控制允许交叉域策略=主只有/>
<允许存取来自域=*/>
< /跨域策略>
下面是另一个警告:
警告:域名video-stats.video.google.com没有明确指定一个元策略,但Content-Type的策略文件的 http://video-stats.video.google.com/crossdomain.xml 是文/ X-跨域策略。 通过内容型应用元策略。
它看起来像YouTube应该考虑这一点,所有的这些警告和安全错误消息是pretty的讨厌。
实事求是地讲,看看错误,如果您的域名没有出现在任何地方,你的跨域文件工作正常。
Guys.. This drives me crazy...I am trying to build a youtube player with flash and everytime I load a video, there is a runtime security sandbox error..I already put crossdomain.xml in my root server http://mysite.com but I am still getting the errors...Do I miss something? Do I have to load it into my flex project??Thanks for the reply...
My crossdomain.xml
<!-- <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.youtube.com"/>
<allow-access-from domain="s.ytimg.com"/>
</cross-domain-policy>
-->
Edit: 20100811T0723; this is the actual XML from http://popslinger.org/crossdomain.xml
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain- policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
I get a lot of errors too but they generally seem to be on YouTube's side
Here's an example:
*** Security Sandbox Violation ***
SecurityDomain 'http://www.youtube.com/apiplayer?version=3' tried to access
incompatible context 'http://s.ytimg.com/yt/swf/apiplayer3-vfl181412.swf'
As you can see, these are both YouTube domains
So I had a look at YouTube's own crossdomain policy files. It turns out that those files need to be updated. Read the following: http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes_02.html#head1
Here is the policy file from s.ytimg.com
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
which throws the following warning
Warning: Domain s.ytimg.com does not specify a meta-policy. Applying default meta-policy 'master-only'. This configuration is deprecated. See http://www.adobe.com/go/strict_policy_files to fix this problem.
and here's what it should look like
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
</cross-domain-policy>
Here's another warning:
Warning: Domain video-stats.video.google.com does not explicitly specify a meta-policy, but Content-Type of policy file http://video-stats.video.google.com/crossdomain.xml is 'text/x-cross-domain-policy'. Applying meta-policy 'by-content-type'.
It looks like YouTube should look into this, all these warnings and security error messages are pretty annoying.
Practically speaking, have a look at the errors, if your domain name doesn't appear anywhere, your crossdomain file is working fine.
这篇关于如何使用的crossdomain.xml我的闪存项目...?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
