- Home /
Crossdomain woes
We are using WWW to talk to a web service to track activity in a game in a webplayer. There is a crossdomain.xml in the root of the tracking domain and this works fine if we access it using a webplayer served from Domain A using http.
Domain B is a moodle LMS which uses https to serve the webplayer, once it's downloaded to the browser the webplayer tries to connect to the same tracking server using http, but then refuses to do anything further and reports the "Rejected because no crossdomain.xml policy file was found" message.
Have put an http sniffer on the client and can see the GET request to the server for the crossdomain.xml going out and there is a corresponding log entry on the Windows IIS web server which is reporting it successfully delivers the file.
Totally clueless where to go from here re trying to solve this. Any suggestions very welcome.............
Answer by VolureDarkAngel · Jul 29, 2013 at 06:08 PM
(I may have jumped the gun on https, I re-read your post and notice nothing about https outgoing connections, But this solution will still stand a chance of working.)
the problem with that is that HTTPS is not port 80, also it does not send a cleartext host therefore all it has in as ip address.
Two possible answers to this.
1: Add port 443 (https) to the existing policy file to allow the client to access that port as well as port 80
2: If that does not work, setup a crossdomain policy service on port 843 that includes your access.
here is a link to unity's Sandbox documentation.
http://docs.unity3d.com/Documentation/Manual/SecuritySandbox.html
Answer by KeithT · Jul 30, 2013 at 08:39 AM
Thanks for the answer but as I think you added later the GET is actually done using http not https, can see it in the sniffer. Do you think WWW is in some way changing its behaviour because the page it's on was served usign https ?
The code works within the Editor, reads the crossdomain no probs but when deployed via the LMS it complains the policy file is invalid. Don't suppose there is a "verbose" setting on WWW somewhere to get more info re what it's complaining about ?
Did some more testing and got a webplayerlog showing more details below. Anyone understand what the problem is ?
About to parse url: http://track.thedomain.com/Unity3DService.asmx
Deter$$anonymous$$ing crossdomain.xml location for request: http://track.thedomain.com/Unity3DService.asmx
About to parse url: http://track.thedomain.com/Unity3DService.asmx
Deter$$anonymous$$ing crossdomain.xml location for request: http://track.thedomain.com/Unity3DService.asmx
Download had O$$anonymous$$ statuscode
Received the following crossdomain.xml
received policy
Parsing: cross-domain-policy
cross-domain-policy
Parsing: allow-access-from
allow-access-from
domain: *
to-ports: *
done parsing policy
crossdomain.xml was succesfully parsed
About to parse url: http://track.thedomain.com/Unity3DService.asmx
Checking if http://track.thedomain.com/Unity3DService.asmx is a valid domain
Checking request-host: track.thedomain.com against valid domain: *
Rejected because there was no AllowedAcces entry in the crossdomain file allowing this request.
About to parse url: http://track.thedomain.com/Unity3DService.asmx
Checking if http://track.thedomain.com/Unity3DService.asmx is a valid domain
Checking request-host: track.thedomain.com against valid domain: *
Rejected because there was no AllowedAcces entry in the crossdomain file allowing this request.