flash socket & security problem

rulian

Hey All,
I posted this on actionscript.org but similar problems on there have yielded no results so I hope my fellow PHPers can do the trick.

I created a socket server with PHP, pretty much your standard one you find if you google php socket server.

I am attempting to use the server to create a flash based chat. I did the action script which was pretty much similar to the PHP stuff and it worked fine when I would compile the movie so everything was looking good.

When I embedded the swf into the website and executed it would not work. After much fustraction and rechecking everything I came to find out it's a security issue.
SWF's being executed on the client side purposefully block access to local or network files.

There are security settings in the export which I implemented "Access Network Only" and on the embedd to allowNetwork = all
I attemped to use Flash's LocalContentUpdater tool to do the persmission sandbox but failed to run in on my linux box since that is what I am using (Ubuntu LAMP configuration)

The only other alternative is to have EVERY user who accesses my site change permissions to allow the swf to access the socket server.

Any body have any idea for a work around or ever use the persmission sandbox on LocalContentUpdater ?

sneakyimp

I'm not at all sure because I deal with this infrequently, but have you bothered to set up a crossdomain.xml file on the server? When you publish your socket-connecting flash movie to a website and it tries to connect to some socket server, the first thing it will do is try to connect on port 843 and ask for a policy file. if it can't find it there, it will ask for it on the socket which it has connected to.

I have written a tool to help connect Flash to PHP. See my signature for more info.

rulian

yes I eventually got the socket server to release the security policy via it's own socket and all was gravy, thanks