My 5th book "50 Tips on JavaScript" is on sale. Go get it from https://50tips.dev.
Illustrated guide to 50 of the most interesting JavaScript topics.

Security sandbox violation error even with crossdomain.xml

Again, a very nice surprise by Adobe. I have a flex application which makes cross-domain requests to another server holding REST API. There is a crossdomain.xml file, but the request still doesn't work.
I got
#2170: Security sandbox violation: http://mysite.com/project.swf cannot send HTTP headers to http://remoteserver.com/api/method/.
The policy file looks like that:
	<?xml version="1.0"?>
	<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
	<cross-domain-policy>
		<allow-access-from domain="*" />
	</cross-domain-policy>
	
But it should contains this:
	<?xml version="1.0"?>
	<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
	<cross-domain-policy>
		<site-control permitted-cross-domain-policies="all"/>
		<allow-http-request-headers-from domain="*" headers="*" secure="true"/>
		<allow-access-from domain="*" secure="true" /> 
	 </cross-domain-policy>
	</pre>
  Once I updated the file everything works.
If you enjoy this post, share it on Twitter, Facebook or LinkedIn. To leave a comment go here.