Re: [Flash Operator Panel] Flash operator panel over SSL

[Nicolás Gudiño <nicolas@xxxxxxxxxxxx>]

Hello,

On Mar 12, 2008, at 1:29 AM, Amruth Laxman wrote:

> Hi,
>
> I'm trying to get FOP working with HTTPS exclusively. I have  
> everything configured and the operator panel works fine as long as  
> I also leave regular HTTP enabled. If I disable HTTP in my  
> firewall, the flash page gets stuck while loading.
>
> A trace of the http requests when HTTP is enabled, shows that the  
> flash player is trying to load crossdomain.xml via HTTP instead of  
> HTTPS (even though the flash file is being served over HTTPS). This  
> seems unnecessary, since the file is not present, and the flash  
> player seems to go ahead with the playback despite the missing file.
>
> Does anyone know of a way to disable the fetch of crossdomain.xml,  
> or alternately, is there a way to instruct the flash player to use  
> https?
>
> I'm running the following versions of software:
> - FOP v.26
> - Embedded in FreePBX 2.2.1 (2.4 also seems to behave the same)
> - Apache 2.0.52

The flash client is supposed to retrieve the crossdomain.xml file  
from the same server and port that the flash movie resides. There are  
several users running serving the file from https with no problems.  
Maybe there is an issue with your particular flash client (platform  
and version). In any case.. you  might want to force the port (using : 
443 in the url). Or by  patching the ming source and adding something  
like:

System.security.loadPolicyFile("https://www.foo.com/crossdomain.xml";);

Or maybe the problem has nothing to do with the crossdomain file? I  
will have to test myself and verify that it works in plain ssl.  
Anyways, you can also try upgrading to 0.27 or snapshot/svn versions.

Best regards,