Socket communication policy-file-request solution between C ++ and Flex

Document directory

• Socket policy file

C ++ winsocket server and flex as3 client. Bind the server to port 2020 of ip127.0.0.1, and use socket. Connect In Flex to initiate a link to the server. When flex runs locally, the connection succeeds, but a security error occurs during access through the domain name,Error #2048.
. During the connection, the server receives a message from the client.<Policy-file-Request/>
Message.

Solution:

I have searched several documents on Google, and I have been familiar with it for a long time.

The cause of this problem is that flash player hasSecurity Sandbox Mechanism
. When running SWF locally, the default security policy of Flash Player can be accessed across regions. You can check that the security. sandboxtype attribute value is localtrusted. However, when using an IP address to access the SWF file, flashplayer considers the file unsafe and can view
The attribute value of security. sandboxtype is remote. In this case, you need to place a policy file on the server side so that flash player can link SWF to this server.

A number of blogs say they need to be namedCrossdomain. xml
To the root directory of the HTTP server. The file content is

<? XML version = "1.0"?> <Br/> <cross-domain-Policy> <br/> <site-control permitted-Cross-Domain-policies = "all"/> <br/> <allow-Access -From domain = "*" to-ports = "2020"/> <br/> </Cross-Domain-Policy>

I did this, but it didn't work. (I can confirm that the policy file is accessed because a warning is reported in the flex debugging information when a syntax error occurs in the file .) So I guess this method may solve the problem of remote HTTP file access, while socket communication requires another method.

Then, on the csdn forum, we found that someone had the same problem with the communication between the ocket and flex. The solution was that the server received
<Policy-file-Request/> message,Send a message directly to the client. The content is the XML of the preceding policy file.
. I copied it and it still does not work. >_<

Char szpolicy [1024] = ""; <br/> strcat_s (szpolicy, 1024, "<? XML version = '1. 0'?> "); <Br/> strcat_s (szpolicy, 1024," <cross-domain-Policy> "); <br/> strcat_s (szpolicy, 1024, "<site-control permitted-Cross-Domain-policies = 'all'/>"); <br/> strcat_s (szpolicy, 1024, "<allow-access-from domain = '*' to-ports = '000000'/>"); <br/> strcat_s (szpolicy, 2020, "</Cross-Domain-Policy>/0"); <br/> sockclient = m_socklistener.accept (& addrclient); <br/> If (sockclient. isinvalid () <br/>{< br/> // accept Fai Led <br/> puts ("# error! Acceptation failed. "); <br/> continue; <br/>}< br/> nrecvlen = sockclient. receive (szrecvbuff, max_buff); <br/> If (sockclient. isdisconnect () <br/>{< br/> // disconnect <br/> printf_s ("# Disconnect Client [% d]. /n ", I); <br/> removeclient (m_vsockclients [I --]); <br/> continue; <br/>}< br/> szrecvbuff [nrecvlen] = '/0'; <br/> printf_s ("# Received: [% d] % s/n ", nrecvlen, szrecvbuff); <br/> If (0 = strcmp ("<policy- File-Request/> ", szrecvbuff) <br/>{< br/> If (strlen (szpolicy) = sockclient. send (szpolicy, strlen (szpolicy) <br/>{< br/> printf_s ("# Send policy XML string successful. /n "); <br/>}< br/> else <br/> {<br/> printf_s (" # error! Send policy XML string failed. /n "); <br/>}< br/> // sockclient. close (); // ***** here <br/> // removeclient (m_vsockclients [I --]); <br/> continue; <br/>}< br/> // connect successful.
 

Let's look at it as a pseudo-code ......

Solution:

The final solution is to read the Big Brother's blog: http://blog.csdn.net/xuxiangwin/archive/2009/07/07/4324218.aspx actually used Goto, let me shake the god.

 

The final key point is to close the current socket after you receive <policy-file-Request/> and return the policy file to the client.

 

If (0 = strcmp ("<policy-file-Request/>", szrecvbuff) <br/>{< br/> If (strlen (szpolicy) = sockclient. send (szpolicy, strlen (szpolicy) <br/>{< br/> printf_s ("# Send policy XML string successful. /n "); <br/>}< br/> else <br/> {<br/> printf_s (" # error! Send policy XML string failed. /n "); <br/>}< br/> sockclient. close (); // ***** here <br/> removeclient (m_vsockclients [I --]); <br/> continue; <br/>}

The reason is that the link to the request policy file and the link actively initiated are two independent links, that is to say, the link that the server receives the <policy-file-Request/> information is not the main link of our connect function on the client. After the connection request of the policy file is closed, flashplayer automatically reconnects. This phenomenon can be seen on the server side. This is the information displayed when the server side accepts a link:

# Accept successful [Wagner. 0.0.1: 4106]
# Readable client [0].
# Received: [23] <policy-file-Request/>
# Send policy XML string successful.
# Accept successful [
127.0.0.1
: 4107]

That's it. Close the job.

 

Add:

Flash has such a rule: if Flash Player needs to use socket-based links, the policy file must be sent through socket ......

 

The final practice is,
On port 843

Open an exe server dedicated to receiving flash player policy file requests and disconnect the connection after the policy file is returned. In this way, the original server program does not need to know that there is a policy file, and the problem is solved perfectly.

 

Certificate -----------------------------------------------------------------------------------------------------------------------------------------

 

Related information:

 

Flash CS3 documentation
Permission control Overview

Http://help.adobe.com/zh_CN/ActionScript/3.0_ProgrammingAS3/WS5b3ccc516d4fbf351e63e3d118a9b90204-7e08.html

Flash CS3 documentation
Load count

Http://livedocs.adobe.com/flash/9.0_cn/main/wwhelp/wwhimpl/common/html/wwhelp.htm? Context=LiveDocs_Parts&file=00000356.html # wp519500

Flash Player Security/
Permission Control

Http://help.adobe.com/zh_CN/ActionScript/3.0_ProgrammingAS3/WS5b3ccc516d4fbf351e63e3d118a9b90204-7e08.html

 

The following is an excerpt from adobecs3 official document.

Socket policy file

Http://livedocs.adobe.com/flash/9.0_cn/main/wwhelp/wwhimpl/common/html/wwhelp.htm? Context=LiveDocs_Parts&file=00000349.html

ActionScript
Objects can be instantiated using two different server connections: document-based server connections and socket connections. Loader, sound, urlloader, and urlstream
You can instantiate a file-based server connection for an ActionScript object. All these objects load files based on URLs. ActionScript socket and
Xmlsocket objects are connected through sockets. These objects operate on data streams rather than loaded documents. Flash Player
Two policy files are supported: document-based policy files and socket policy files. Document-based connection requires document-based policy files, while socket connection requires socket policy files.

Flash Player requires that you try to connect the same protocol transfer policy file that you want to use. For example, if you place a policy file in your HTTP
Server, the SWF files in other domains are allowed from the server (
Server) load data. However, if the socket policy file is not provided on this server, the SWF of other domains is prohibited.
The file is connected to the server at the socket level. The method for retrieving the socket policy file must match the connection method.

The policy file provided by the socket server has the same syntax as any other policy file, but the former must also specify which ports to grant access permissions. If the policy file comes from less than 1024
It can grant access permissions to any port. If the policy file is from Port 1024 or higher, it can only
And higher ports. The allowed ports are<allow-access-from>
Labelto-ports
Attribute. A single port number, port range, and wildcard are allowed values.

The following is an example of an xmlsocket policy file:

In Flash Player 6
When the policy file is introduced for the first time, the socket policy file is not supported. The connection to the socket server is authorized by a policy file in the default location where the cross-origin policy file is located.
It is located on port 80 of the HTTP server in the same domain. Flash Player 9
This feature is still supported. However, the default setting of Flash Player is to retrieve the socket policy file on the same port as the socket connection. If you want to use HTTP-based
To authorize socket connection, you must use the following code to explicitly request the HTTP policy file:

Security.loadPolicyFile("http://socketServerHost.com/crossdomain.xml")

In addition, for an authorized socket connection, the HTTP policy file can only come from the default location of the cross-origin policy file, rather than from any other HTTP Location. The policy file obtained from the HTTP server implicitly grants socket access permissions to port 1024 and all higher ports.to-ports

For more information about socket policy files, see connect to a socket
.

Connect to socket

Http://livedocs.adobe.com/flash/9.0_cn/main/wwhelp/wwhimpl/common/html/wwhelp.htm? Context=LiveDocs_Parts&file=00000356.html # wp519500

By default, cross-origin access to socket and XML socket connections is disabled. By default, access to the socket connection in the same domain as the SWF file on a port lower than 1024 is prohibited, however, you can allow access to these ports by providing the cross-origin policy file in any of the following locations:

• Same port as the main socket connection
• Different ports
• Port 80 of the HTTP server in the same domain as the socket server

If the cross-origin policy file and the main socket connection are on the same port or different portsto-ports
To enumerate allowed ports, as shown in the following example:

To retrieve the socket policy file that is located on the same port as the primary socket, you only need to callSocket.connect()
OrXMLSocket.connect()
Method. If the specified domain is different from the domain where the SWF file to be called is located, Flash Player automatically attempts to retrieve the policy file from the same port of the master connection being tried. To retrieve the socket policy file from different ports on the same server as the master connection, you must use a special“xmlsocket”
Syntax callSecurity.loadPolicyFile()
Method:
Security. loadpolicyfile ("xmlsocket: // server.com: 2525 ");

CallSecurity.loadPolicyFile()
Method, and then callSocket.connect()
OrXMLSocket.connect()

To implement the socket server and provide the socket policy file, you should decide whether to provide the policy file using the same port that accepts the master connection or using different ports to provide the policy file. Regardless
In which case, the server must wait for the first transmission of the client before deciding whether to send the policy file or establish a master connection. When Flash Player
When a policy file is requested, it will always transmit the following strings after a connection is established:
<Policy-file-Request/>

After receiving this string, the server transfers the policy file. The program does not use the same connection for the policy file request and the master connection. Therefore, the connection should be closed after the policy file is transmitted. If the connection is not closed, Flash Player closes the connection to the policy file, and then reconnects to establish a master connection.

For more information, see socket policy files.
.