这个有效:
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf
OK: Policy file accepted: https://foo.com/crossdomain.xml
OK: Request for resource at https://foo.com/flash/flash.swf by requestor from http://bar.com/flash/old.swf is permitted due to policy file at https://foo.com/crossdomain.xml
这失败了:
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf
OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf
Warning: [strict] Policy file requested from
https://foo.com/crossdomain.xml redirected to https://foo.com/crossdomain.xml; will use final URL in determining scope. See http://www.adobe.com/go/strict_policy_files if this causes problems.
OK: Policy file accepted: https://foo.com/crossdomain.xml
Error: Request for resource at
https://foo.com/flash/flash.swf
by requestor from http://bar.com/flash/new.swf is denied due to lack of policy file permissions.
我能找到的唯一区别是:
1) 与“来自”swf 文件不同,但这不应该改变任何东西
2) new.swf 尝试的奇怪重定向警告
来自 foo.com 的 crossdomain.xml 包含:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>
我的新旧 swf 都使用此代码加载第三方 swf:
var strURL:String = this.videoParameters.media_url;
// replace [timestamp]
strURL = strURL.replace(
"[timestamp]",
(new Date()).valueOf().toString()
);
// use LoaderContext for domain security
this._oSWFApplicationDomain = new ApplicationDomain();
var oContext : LoaderContext = new LoaderContext(
false,
this._oSWFApplicationDomain, // ApplicationDomain must be separate
SecurityDomain.currentDomain
);
this._oSWF = new Loader();
var oLoader:LoaderInfo = this.oSWF.contentLoaderInfo;
// start media load timeout
this._oManager.startMediaTimer();
// listen for when the SWF completely loads itself
oLoader.addEventListener(
Event.COMPLETE,
this.onLoadComplete,
false,
0,
true
);
// listen for any error that may occur while trying to load
oLoader.addEventListener(
IOErrorEvent.IO_ERROR,
this.onLoadError,
false,
0,
true
);
var oURLRequest : URLRequest = new URLRequest(strURL);
this.oSWF.load(oURLRequest, oContext);
最佳答案
问题可能是因为您正在加载的 SWF 的源 URL 中有一些空格。在开始或结束时,不确定哪个是问题所在,但这会导致闪存加载 crossdomain.xml,然后出现安全错误。对 Flash 赞不绝口。
关于actionscript-3 - 为什么 flash 只在一种情况下阻止我加载跨域 swf?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41027730/