如何修复此跨域ActionScript 3错误？ [英] How do I fix this cross-domain ActionScript 3 error?

问题描述

我将尽可能具体和详细，并包含我正在使用的一些代码。我已经进行了搜索，并找到此问题，这似乎类似;然而，作者使用的是ActionScript 2而不是3，我似乎无法有效地应用任何给出的答案。

I'm going to be as specific and verbose as possible and include some of the code I'm using. I already did a search and found this question, which seems similar; however the author there was using ActionScript 2 instead of 3, and I couldn't seem to apply any of the answers given to my own situation effectively.

我试图通过Flash / ActionScript 3模仿（以有限的方式）JavaScript的XMLHttpRequest对象的行为，以克服同一域的限制。但我发现ActionScript在这方面有自己的限制。我承认我可能会错了，但从我的理解，理论上仍然可以做这种类型的跨域脚本使用ActionScript，只要你获得所有的权限。这是我遇到麻烦的地方。

I am trying to emulate (in a limited way) the behavior of JavaScript's XMLHttpRequest object through Flash/ActionScript 3, in order to overcome the same-domain limitation. But I'm discovering that ActionScript has its own limitations in that regard. I admit that I might be mistaken, but from what I understand it is theoretically still possible to do this sort of cross-domain scripting using ActionScript, so long as you get all the permissions right. And that's where I'm running into trouble.

首先，我为一个叫 AjaxRequest ，我保存为 /ajax/AjaxRequest.as 。然后我创建了一个名为 /jsajax.fla 的Flash文件，该文件导出到最终的SWF文件 /jsajax.swf 。现在，这里是ActionScript代码，它包含Flash文件的第一个和唯一的框架：

First, I borrowed some open-source code for a class called AjaxRequest, which I have saved as /ajax/AjaxRequest.as. I then created a Flash file called /jsajax.fla which exports to the final SWF file, /jsajax.swf. Now, here's the ActionScript code that comprises the first and only frame of the Flash file:

import ajax.AjaxRequest;
Security.allowDomain("domainone.com");
Security.allowDomain("domaintwo.com");

function jsAjax(stringURL:String, stringMethod:String, stringData:String):void
{
    var xhr:AjaxRequest = new AjaxRequest(stringURL);
    xhr.contentType = "application/x-www-form-urlencoded";
    xhr.dataFormat = URLLoaderDataFormat.TEXT;

    if ( stringMethod.toUpperCase() == "POST" ) {
        xhr.method = URLRequestMethod.POST;
    } else {
        xhr.method = URLRequestMethod.GET;
    }

    xhr.addEventListener("complete", jsAjaxResponse);
    xhr.send(stringData);
    return;
}

function jsAjaxResponse(evt:Event):void
{
    ExternalInterface.call("jsAjaxResponse", evt.currentTarget.data.toString());
    return;
}

ExternalInterface.addCallback("jsAjax", jsAjax);
ExternalInterface.call("jsAjaxReady");

到目前为止很好。我有一种感觉，一个或多个 Security.allowDomain 调用不需要，但他们是我的（不成功）尝试尝试解决这个问题。

So far so good. I have a feeling that one or more of those Security.allowDomain calls are not needed, but they were my (unsuccessful) attempts to try to solve this problem.

在我的JavaScript中，我有三个函数定义： jsAjax ， jsAjaxResponse 和 jsAjaxReady 。最后一个只是一个非常基本的函数，用于指示Flash对象加载成功（它只在加载时立即调用一次），而另外两个用于发送和接收数据。您可以看到，他们有相应的ActionScript对应。

In my JavaScript, I've got three functions defined: jsAjax, jsAjaxResponse, and jsAjaxReady. The last one is just a very basic function used to indicate that the Flash object loaded successfully (which is only called once and immediately upon loading it), while the other two are used for sending and receiving the data. As you can see, they have corresponding ActionScript counterparts.

最后，我创建了一个简单的HTML页面 /test.html 嵌入此SWF文件（使用 swfobject ），并有几个简单的表单控件用于调用 jsAjax 函数。我的所有JavaScript定义也嵌入在这个HTML文件中。我还创建了一个非常简单的PHP脚本 /test.php ，打印出 $ _ REQUEST 数组的内容。这是我打算请求使用这个ajax方法的脚本。

Finally, I created a simple HTML page called /test.html that embeds this SWF file (using swfobject) and has a couple of simple form controls for calling the jsAjax function. All of my JavaScript definitions are embedded in this HTML file too. I also created a very simple PHP script called /test.php that prints out the contents of the $_REQUEST array. That's the script I intend to request using this ajax method.

我测试了三个方案，但我只能得到其中两个工作：

There are three scenarios that I tested, but I was only able to get two of them working:

SCENARIO ONE：全部在一个服务器上

如果我上传所有这些文件到domainone.com，然后请求test.php，它工作正常。我的文件/文件夹结构如下所示：

SCENARIO ONE: All on one server
If I upload all of these files to domainone.com, and then request test.php, it works fine. My file/folder structure then looks like this:

domainone.com/jsajax.swf
domainone.com/test.html
domainone.com/test.php

/ strong>。

Again, this works. The jsAjaxResponse function receives back the data from test.php just fine.

SCENARIO TWO：在两个服务器上，向左倾斜

当我将HTML和SWF上传到第一个服务器，然后只是调用第二个服务器上的PHP脚本时，它没有立即工作。我做了一些挖掘，发现通过在domaintwo.com创建一个 crossdomain.xml 文件授予访问domainone.com，这固定它。所以我的文件/文件夹结构看起来像这样：

SCENARIO TWO: On both servers, leaning left
When I uploaded the HTML and SWF to the first server, and then just have it call the PHP script on the second server, it didn't work right away. I did some digging, and found that by creating a crossdomain.xml file on domaintwo.com that granted access to domainone.com, this fixed it. So my file/folder structure looked like this:

domainone.com/jsajax.swf
domainone.com/test.html
domaintwo.com/test.php
domaintwo.com/crossdomain.xml

当在crossdomain.xml文件中明确允许domainone.com时，这样工作。再次，jsAjaxResponse函数接收从test.php返回的数据很好。

When explicitly allowing domainone.com in the crossdomain.xml file, this works. Again, the jsAjaxResponse function receives back the data from test.php just fine.

场景三：服务器，靠右）

当我将所有的HTML都上传到domaintwo.com时，我无法再使用它了。换句话说，domainone.com上的HTML引用了在domaintwo.com上托管的SWF文件，并且该SWF文件尝试向domaintwo.com发出请求。我离开同一个crossdomain.xml文件从情景2，以防万一。我的文件/文件夹结构如下所示：

SCENARIO THREE: On both servers, leaning right
When I uploaded all but the HTML to domaintwo.com, I could no longer get it to work. In other words, the HTML on domainone.com is referencing an SWF file hosted on domaintwo.com, and that SWF file is trying to make a request to domaintwo.com. I left the same crossdomain.xml file from Scenario 2, just in case. My file/folder structure looked like this:

domainone.com/test.html
domaintwo.com/jsajax.swf
domaintwo.com/test.php
domaintwo.com/crossdomain.xml

这是我唯一无法工作的情况，这是我需要工作的情况。前两个真的只是测试场景，看看脚本是否工作。当我尝试运行我的jsAjax函数在这里，我结束一个错误，在Firebug中显示两次：

This is the only case I could not get working, and this is the case I need to get working. The first two were really just test scenarios to see if the script was working at all. When I try to run my jsAjax function here, I wind up with an error that shows up twice in Firebug:

uncaught exception: Error calling method on NPObject! [plugin exception: Error in Actionscript. Use a try/catch block to find error.].
uncaught exception: Error calling method on NPObject! [plugin exception: Error in Actionscript. Use a try/catch block to find error.].

---

如何让它在场景3中工作？

---

Help! How do I get it working in scenario 3?

推荐答案

它与我的Flash文件中的 Security.allowDomain 命令有关。我实际上是在domainone.com的子域托管 test.html ，这被抛弃了。它必须是一个完全匹配，子域和所有。事实证明，我不需要引用domaintwo.com的 Security.allowDomain 命令，也不需要 crossdomain.xml 文件。对于场景3，

I just figured it out! It did have to do with the Security.allowDomain commands in my Flash file. I was actually hosting the test.html on a subdomain of domainone.com, and that was throwing it off. It has to be an exact match, subdomain and all. It turns out I didn't need the Security.allowDomain command that referenced domaintwo.com, nor did I need the crossdomain.xml file to be present at all for Scenario 3!

因为在这个脚本的真实版本，我最终使用，我不一定知道什么domainone.com实际上是，我把Flash文件顶部的代码更改为：

Since in the "real" version of this script that I end up using, I won't necessarily know what domainone.com actually is, I changed the code on the top of the Flash file to this:

import ajax.AjaxRequest;
try {
    var domain1:String = LoaderInfo(this.root.loaderInfo).parameters["allow"];
    if ( domain1.length > 0 ) {
        Security.allowDomain(domain1);
    }
} catch (error:Error) { }
try {
    var domain2:String = LoaderInfo(this.root.loaderInfo).parameters["allowhttps"];
    if ( domain2.length > 0 ) {
        Security.allowInsecureDomain(domain2);
    }
} catch (error:Error) { }
...

$ b b

然后，在我使用的嵌入SWF的JavaScript中，我基本上从 document.location.toString（），检查它是否使用http或https，然后通过 allow 和/或 allowhttps 在flashvars参数中。可能有一个更好的方式来做到这一点，不依赖于在Flash Vars中明确设置域（从Flash内的某种自动检测），但我不熟悉ActionScript足够好，出来。由于这个文件已经在JavaScript和ActionScript之间进行了一整套的双向通信，这不是一个大问题。这个解决方案对我来说是够好的。

Then, in the JavaScript I'm using to embed the SWF there in the first place, I basically grab the current domain of the page from document.location.toString(), check whether it's using http or https, and then pass the domain in as allow and/or allowhttps in the flashvars parameter. There might be a "better" way to do this that doesn't rely on setting the domain up explicitly in the Flash Vars (some kind of automatic detection from within Flash), but I'm not versed in ActionScript well enough to figure that out. And since this file is already doing a whole bunch of bidirectional communication between JavaScript and ActionScript, it's not that big of a deal. This solution is good enough for me.

这篇关于如何修复此跨域ActionScript 3错误？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！