Getting rid of an unwanted URL

I have seen some posts on here close to this topic but nothing that has resolved my issue thus far.
I have a simple flex app that is pretty much a data grid that is populated by a list of xml files that is given by a php file on the server. Using firebug I have tracked the issue down to one location and that is where flash is trying to load the xml url to be parsed into the data grid.
The thing works on our QA but when it is in prod it it has issues. Part of the issue is that the location where the xml files need to be read are not web accessable meaning you can't type a url in a browser to view it, whereas on the qa you can, either way I made the URLs relative but it's still adding a domain to the front of it, example:

flash is fed this url to look for the xml file "../../../placemenxml/someFile.xml"
yet firebug is showing that flash is looking for "http://our.servername.com/placementxml/someFile.xml"

so where is the stupid "http://our.servername.com/" coming from?
I've tried adding <param name="base" value="."/> in the html page and that changes nothing for QA, the QA still has it's servername appended to the front as well.

fire bug says this as a response: "The requested URL /placementxml/someFile.xml was not found on this server", does this mean the relative "../../../" is not being applied? how can I make this work?
GCUAsked:
Who is Participating?
 
Dave BaldwinFixer of ProblemsCommented:
If "../../../" is trying to go up past the web root, it probably won't work on the web.
0
 
GCUAuthor Commented:
yeah, the web root is still 2 or so dirs above where the xml files are and the swf is 3 below that, so I don't think that's the issue.
0
 
petiexCommented:
If the xml is not web-accessible, you can't access it from a web-deployed swf. It's a security feature. I'm guessing your QA compiles the code for a local sandbox (local-with-filesystem) so that it can access the local filesystem. That cannot work when it is deployed to the web.

If you want to embed xml files into your application, it turns out you can. http://dispatchevent.org/roger/embed-almost-anything-in-your-swf/

In the comments of that post, they seem to suggest that you need to specify a mime-type of octet stream, rather than text/xml, like this:

[Embed(source="someFile.xml", mimeType="application/octet-stream")]
private const myXML:Class;

var x:XML = XML(new myXML());
trace(x.toXMLString());
0
 
GCUAuthor Commented:
If the xml is not web-accessible, you can't access it from a web-deployed swf.

I had a feeling that might be the case, seems as if I might need to find a work around.
I can't embed the xml files since they are generated by another swf (they are exam results)
I'm thinking I might have to have php read the xml and send the data back to flash, stupid but seems like the only way right now.
0
 
petiexCommented:
I wouldn't flat-out call the security features stupid, but they certainly can be frustrating. Just remember there's nothing more frustrating than someone exploiting a vulnerability in your app to destroy or steal important data :)

I think it makes a lot more sense to expose xml files using a service, rather than putting them in a web-accessible directory, so yeah, I think you should go with that. For one thing, assuming that users may have expectations of confidentiality concerning exam results, you would be able to add some kind of password protection to the php service you use to expose those xml files.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.