Security sandbox violation error even with crossdomain.xml
Again, a very nice surprise by Adobe. I have a flex application which makes cross-domain requests to another server holding REST API. There is a crossdomain.xml file, but the request still doesn't work.
I got
#2170: Security sandbox violation: http://mysite.com/project.swf cannot send HTTP headers to http://remoteserver.com/api/method/.The policy file looks like that:
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy>But it should contains this:
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="all"/> <allow-http-request-headers-from domain="*" headers="*" secure="true"/> <allow-access-from domain="*" secure="true" /> </cross-domain-policy> </pre> Once I updated the file everything works.