• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 982
  • Last Modified:

flex and https

Hi All,
I'm getting crazy with a problem.
I'm trying to load from a flex application hosted in a domain a .net web service hosted into another domain over https (ssl).
The certificate is a valid one and I'm pretty sure the cross domain file is ok.
Now if I call the webservice using http, the application works fine. If I use https doesn't work.
Also I created a config folder on the flex application and I copied a flex-config.xml file.

this file contains:
<?xml version="1.0"?>
<flex-config>
   <compiler>
<web-service-proxy>
<whitelist>
<unnamed>
<url>http://*</url>
<url>https://*</url>
</unnamed>
</whitelist>
</web-service-proxy>
</compiler>
</flex-config>

I'm not doing nothing on the flex-compiler section under the project properties (I assume the file is loaded automatically?)
Any idea how to solve this problem?

Thanks in advance
0
xtremereality
Asked:
xtremereality
  • 6
  • 6
1 Solution
 
Jones911Commented:
Is your application running under https?  Both need to be.
0
 
xtremerealityAuthor Commented:
hi Jones,
No only webservice is running under https, and I cannot change this scenario.
Basically is a http to https call.

0
 
Jones911Commented:
I don't think its possible.  I'm pretty sure both need to be https or http
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
xtremerealityAuthor Commented:
0
 
Jones911Commented:
Perhaps you missed this line:

By default, Flash Player does not allow an application loaded through HTTP to make requests through HTTPS, even for the same domain, unless the secure property is set to false. The crossdomain.xml file lets you override the default behavior of the Flash security sandbox.
0
 
xtremerealityAuthor Commented:
this is my crossdomain

  <?xml version="1.0" ?>
  <!DOCTYPE cross-domain-policy (View Source for full doctype...)>
- <cross-domain-policy>
  <site-control permitted-cross-domain-policies="all" />
  <allow-access-from domain="*.mydomain.com" secure="false" />
  <allow-http-request-headers-from domain="*. mydomain.com" headers="*" secure="true" />
  </cross-domain-policy>

I think this is correct. Actually I'm not sure how to tell flex to load the flex-config.xml. As I said on my post, I just created a folder called config that contains a file called flex-config.xml but I'm not sure if this file will be loaded automatically or not
0
 
Jones911Commented:
But is the cross domain file on your server or the server you get the data from?

Also that XML file can be found at:  C:\ColdFusion8\wwwroot\WEB-INF\flex  or where you installed CF.

Also something may have changed as that doc is Flex 1 perhaps look at the spec for Flex 3
0
 
xtremerealityAuthor Commented:
the cross domain is on the server where the webservice is running (the https one).
I'm not using coldfusion but asp.net as a server technology.
Anyway I just resolved by myself. Thanks for your help
0
 
Jones911Commented:
OK tell us what you did to fix it to help the next person :)
0
 
xtremerealityAuthor Commented:
the solution was specify the secure option in each line of the crossdomain

  <?xml version="1.0" ?>
  <!DOCTYPE cross-domain-policy (View Source for full doctype...)>
- <cross-domain-policy>
  <site-control permitted-cross-domain-policies="all" />
  <allow-access-from domain="http://www.mydomain.com" secure="false" />
  <allow-http-request-headers-from domain="http://www. mydomain.com" headers="*" secure="false" />
  <allow-access-from domain="http://mydomain" secure="false" />
  <allow-http-request-headers-from domain="http://mydomain" headers="*" secure="false" />
  </cross-domain-policy>
0
 
Jones911Commented:
Did I not point out that line?

unless the secure property is set to false
0
 
xtremerealityAuthor Commented:
ok :)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now