- Home /
"SecurityException: No valid crossdomain" even though the webplayer didn't even try to get the crossdomain policy request.
I did all the necessary steps:
1 - I have a game hosted on server1;
2 - The highscores services are on server2;
3 - I setup a python policy request server on port 843;
4 - I tested the server through telnet. It works as expected;
5 - Just in case, there is a crossdomain.xml on server2.com/crossdomain.xml. It was uploaded as ASCII;
6 - The game starts, it runs this first, just in case: Security.PrefetchSocketPolicy("server-2-ip", 843); I can see that it works by looking at the packets through Wireshark;
7 - I send a WWW get request to see if it works: WWW wc = new WWW("http://server2.com/crossdomain.xml"); yield return wc; Debug.Log(wc.text); It does.
HOWEVER, when I try to send a WWWForm, the Player outputs this to the log:
SecurityException: No valid crossdomain policy available to allow access
at (wrapper managed-to-native) UnityEngine.WWW:get_bytes ()
at UnityEngine.WWW.get_text () [0x00000] in <filename unknown>:0
at ScoreManager+<GetScoresByIp>c__IteratorD.MoveNext () [0x00000] in <filename unknown>:0
Then I look at the packets sent. It didn't send any! What the hell. It didn't even check for a cross domain policy file anywhere. I looked everywhere to see if I was doing something wrong. But everything seems fine.
This is how I send (well, it actually never sends to any server at all) the post data:
WWWForm data = new WWWForm();
data.AddField("key", this.c);
var ip = "0.0.0.0";
var jdata = string.Format("{{ \"action\" : \"post_score\", \"ip\" : \"{0}\", \"scoredata\" : {{ \"name\" : \"{1}\", \"score\" : {2}, \"userdata\" : \"{3}\" }} }}", ip, name, score, userdata);
data.AddField("json", EncryptString(jdata, this.a, this.b));
WWW wc = new WWW("http://server2.com/post.php", data);
yield return wc;
JsonReader reader = new JsonReader();
reader.Read(wc.text);
JsonElement elmt = reader.Content;
Is there anything wrong with this? Is this a bug?
Answer by Graham-Dunnett · Nov 08, 2013 at 10:51 PM
You are mixing up the crossdomain.xml and the socket policy file. If you are using sockets then you need a policy server running on port 843. If you are just using WWW/WWWForm then you only need the crossdomain.xml on the root of your web server. So, your (3), (4) and (6) are irrelevant most probably.
You say that you have fetched the crossdomain.xml from the server, and this gets delivered correctly. This confirms that the file has been read, and hence you should be able to read any file from the server. What I am somewhat suspicious about is whether the crossdomain.xml allows you to post data. Set ENABLE_CROSSDOMAIN_LOGGING to 1 and see what diagnostic information is written.