Flash Security Error #2048: Is there a workaround or does Twilio have to change their meta-policy?
Solution 1
localhost
and twilio.com
are not in the same domain so of course you will get a security error. Twilio needs to add this node into the crossdomain:
<site-control permitted-cross-domain-policies="all"/>
Also, make sure your embedding is up to par:
allowscriptaccess = "always"
allownetworking = "all"
If Twilio won't update the crossdomain.xml then you can install a proxy on the server hosting your flex app and grab the data via your proxy.
Solution 2
As of January 2014, Twilio has added the necessary cross-domain permissions mentioned in this question. If problems persist in this vein, please e-mail our support squad at [email protected]
Related videos on Youtube
desimusxvii
Updated on June 04, 2022Comments
-
desimusxvii almost 2 years
My Flash/Flex application is having a problem. For a few months it was able to download files from Twilio but now I'm getting the following error:
(I've had to remove hyperlinks, so imagine "ttp" is really "http". :)
SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: ttp://localhost/myapp.swf?v=1 cannot load data from ttp://api.twilio.com/."
I enabled policy logging on my flash plugin and get the following messages:
OK: Searching for in policy files to authorize data loading from resource at ttp://api.twilio.com/ by requestor from ttp://localhost/myapp.swf?v=1 Warning: [strict] Policy file requested from ttp://api.twilio.com/crossdomain.xml redirected to ttps://api.twilio.com/crossdomain.xml; will use final URL in determining scope. Warning: Domain api.twilio.com does not specify a meta-policy. Applying default meta-policy 'master-only'. This configuration is deprecated. See ttp://www.adobe.com/go/strict_policy_files to fix this problem. OK: Policy file accepted: ttps://api.twilio.com/crossdomain.xml Error: Request for resource at ttp://api.twilio.com by requestor from ttp://localhost/myapp.swf?v=1 is denied due to lack of policy file permissions.
So it looks to me like the problem is that Twilio doesn't specify a "meta-policy". Is there a way for me to get around this?
-
desimusxvii about 13 yearsTwilio updated their crossdomain.xml for me but the problem persists. I've taken the proxy route.
-
The_asMan about 13 yearsodd it looks like they took the crossdomain down completely they might be updating it or trying to figure out what the file does.
-
Thomas about 11 yearsI have implemented the changes above, but am still getting a #2048, not using twillo. Just working between my site and Rackspace cloudfiles CDN. Adding the allow scripts and networking was not a problem. site-control confused me a bit - I put this is a crossdomain.xml file and put this in the root of my site, is this accurate?