09.28
Recently and a long time back, sometime in December 08 to be exact, I had the rare challenge of making HTTPS calls from a swf which did not sit on the same server. I faced quite a bunch of problems and I still do. But I do have some solutions which I have found on the internet from reliable sources, though not tried and tested, which may solve your issues should you come across this situation at any time.
The “allow-access-from” has an attribute called secure which very few people use.
Adobe says :
- secure
- [HTTPS and Sockets only, optional] When false, allows an HTTPS policy file to grant access to a request coming from an HTTP source. The default for URL policy files is true, providing only HTTPS sources permission. Using false is not recommended. Socket policy files use a default of false.
So a sample would be
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*.somedomain.com" secure="false"/> </cross-domain-policy>
The second option which I believe will never give you any problems is using a proxy. This works even when you cannot get a crossdomain file onto the server you are feeding from.
A sample PHP Proxy is as follows:
<?php
$dataURL = "http://www.sowebme.com/murtaza/feed/";
//note that this does not follow redirects.
readfile($dataURL);
?>
No Comment.
Add Your Comment