Download Flexpaper source modified into a SWF reader, to join the SWF file to be read, you can call JS in the Flex method to get the path of the SWF file, the JS only focus on the path to the line, waiting for the flex to invoke: But there is a problem that is a security issue , like the following tip: Error #2044: Unhandled ondocumentloadederror:. Text=error #2048: Security sandbox conflict: http://localhost:8080/UpLoadAndDownLoad/FlexPaper.swf cannot be from http://127.0.0.1:8080/ myfileconvert/convertfile/application1/2.swf loading data. This is caused by the security of the cross-domain transmission of flash data, when I add the following file in the Webapps/root directory of Tomcat, I can solve the problem of the SWF file that the security problem is cited, but this is to expose the SWF file to all IP access, So there are security issues:
XML code <?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> < Allow-access-from domain= "*"/> </cross-domain-policy>
<?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> <allow-access-from domain= "*" /> </cross-domain-policy>
The following is a reprint of the cross-domain issues:
About cross-domain policy files crossdomain.xml file
Http://www.xiaonei.com/crossdomain.xml
<!– http://www.xiaonei.com/ –><?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> <allow-access-from domain= "* . xiaonei.com "/> <allow-access-from domain=" xiaonei.com "/> </cross-domain-policy>
This is a very standard practice, and I will let my own domain and my subdomain to get the data.
Taobao's:
Http://www.taobao.com/crossdomain.xml
XML code <?xmlVersion= "1.0" encoding= "UTF-8" ?> <cross-domain-policy> <allow-access-fromDomain= "*.taobao.com" /> <allow-access-fromDomain= "*.taobao.net" /> <allow-access-fromDomain= "*.taobaocdn.com" /> <allow-access-fromDomain= "*.allyes.com" /> </cross-domain-policy><?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> <allow-access-from domain= "*. Taobao.com "/> <allow-access-from domain=" *.taobao.net "/> <allow-access-from domain=" *. Taobaocdn.com "/> <allow-access-from domain=" *.allyes.com "/> </cross-domain-policy>
The red line is the domain of Taobao's CDN, the so-called content distribution network.
Green Line is Taobao advertisers, http://www.allyes.com/good advertising network, just don't know is still selling Taobao ads.
Look at the crossdomain.xml of several big websites, and you can also know what network advertisers are giving them advertising.
Like Bloomberg: Http://www.bloomberg.com/crossdomain.xml
XML code <?xmlVersion= "1.0" encoding= "UTF-8" ?> <cross-domain-policy> <allow-access-fromdomain= "localhost" /> <allow-access-fromDomain= "10.16.136.107" /> <allow-access-fromDomain= "*.bloomberg.com" /> <allow-access-fromDomain= "*.pointroll.com" /> <allow-access-fromDomain= "*.pointroll.net" /> </cross-domain-policy><?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> <allow-access-from domain= " localhost "/> <allow-access-from domain=" 10.16.136.107 "/> <allow-access-from domain=" *. Bloomberg.com "/> <allow-access-from domain=" *.pointroll.com "/> <allow-access-from domain=" *.pointroll.net "/> </cross-domain-policy>
The red is too unprofessional, the internal IP is exposed ...
The green one is Bloomberg's Advertiser: PointRoll
By Reuters:
Http://www.reuters.com/crossdomain.xml
XML code <?xmlVersion= "1.0" encoding= "UTF-8" ?> <cross-domain-policy> <allow-access-fromDomain= "*.reuters.com" secure= "false" /> <allow-access-fromDomain= "Ad.doubleclick.net" secure= "false" /> <allow-access-fromDomain= "Ad.uk.doubleclick.net" secure= "false" /> <allow-access-fromDomain= "M.2mdn.net" secure= "false" /> <allow-access-fromDomain= "M2.2mdn.net" secure= "false" /> </cross-domain-policy><?xml version= "1.0" encoding= "UTF-8"?> <cross-domain-policy> <allow-access-from domain= "*. Reuters.com "secure=" false "/> <allow-access-from domain=" ad.doubleclick.net " secure=" false "/> <allow-access-from domain= "ad.uk.doubleclick.net" secure= "false"/> <allow-access-from Domain= "M.2mdn.net" secure= "false"/> <allow-access-from domain= "M2.2mdn.net" secure= "false"/> </cross-domain-policy>
The ad gave DoubleClick to do (green)
2mdn.net can not understand what is doing, probably a CDN it.
Facebook with a feeling of abuse:
Http://www.facebook.com/crossdomain.xml
XML code <?xmlVersion= "1.0" encoding= "UTF-8" ?><! DOCTYPE cross-domain-policy SYSTEM "Http://www.adobe.com/xml/dtds/cross-domain-policy.dtd" > <cross-domain-policy> <site-controlPermitted-cross-domain-policies= "Master-only" /> <allow-access-fromDomain= "S-static.facebook.com" /> <allow-access-fromDomain= "Static.facebook.com" /> <allow-access-fromDomain= "Static.api.ak.facebook.com" /> <allow-access-fromDomain= "*.static.ak.facebook.com" /> <allow-access-fromDomain= "S-static.thefacebook.com" /> <allow-access-fromDomain= "Static.thefacebook.com" /> <allow-access-fromDomain= "Static.api.ak.thefacebook.com" /> <allow-access-fromDomain= "*.static.ak.thefacebook.com" /> <allow-access-fromDomain= "*.static.ak.fbcdn.com" /> <allow-access-fromDomain= "External.ak.fbcdn.com" /> <allow-access-fromDomain= "*.static.ak.fbcdn.net" /> <allow-access-fromDomain= "External.ak.fbcdn.net"Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
