- Home /
Crossdomain.xml problem in HTTPS / SSL
Hi all, we got a big problem with the integration of Game Analytics service into our Facebook Game. Such you know, Facebook require (in October 2013) that you run your app under an HTTPS service. Everything seem working in HTTP but in HTTPS, the webplayer doesn't validate the api.gameanalytics.com against the rule * of the crossdomain.xml that is hosted here : http://api.gameanalytics.com/crossdomain.xml
PS : I also contacted the support of GA, issue is still under investigation.
Our investigation webplayer log in HTTP (WORK):
...
About to parse url: http://api.gameanalytics.com/crossdomain.xml
...
Download had OK statuscode
Received the following crossdomain.xml
----------
<cross-domain-policy><site-control permitted-cross-domain-policies="all"/><allow-access-from domain="*"/><allow-http-request-headers-from domain="*" headers="*" secure="true"/></cross-domain-policy>
----------
received policy
Parsing: cross-domain-policy
cross-domain-policy
Parsing: site-control
site-control
permitted-cross-domain-policies: all
Parsing: allow-access-from
allow-access-from
domain: *
Parsing: allow-http-request-headers-from
allow-http-request-headers-from
domain: *
headers: *
secure: true
done parsing policy
crossdomain.xml was succesfully parsed
About to parse url: http://api.gameanalytics.com/1/ping
Checking if http://api.gameanalytics.com/1/ping is a valid domain
Checking request-host: api.gameanalytics.com against valid domain: *
All requirements met, the request is approved
GA initialized, waiting for events..
Our investigation webplayer log in HTTPS (FAIL) :
...
About to parse url: http://api.gameanalytics.com/crossdomain.xml
...
Download had OK statuscode
Received the following crossdomain.xml
----------
<cross-domain-policy><site-control permitted-cross-domain-policies="all"/><allow-access-from domain="*"/><allow-http-request-headers-from domain="*" headers="*" secure="true"/></cross-domain-policy>
----------
received policy
Parsing: cross-domain-policy
cross-domain-policy
Parsing: site-control
site-control
permitted-cross-domain-policies: all
Parsing: allow-access-from
allow-access-from
domain: *
Parsing: allow-http-request-headers-from
allow-http-request-headers-from
domain: *
headers: *
secure: true
done parsing policy
crossdomain.xml was succesfully parsed
About to parse url: http://api.gameanalytics.com/1/ping
Checking if http://api.gameanalytics.com/1/ping is a valid domain
Checking request-host: api.gameanalytics.com against valid domain: *
Rejected because there was no AllowedAcces entry in the crossdomain file allowing this request.
GA detects no internet connection..
Please help ;)
Your answer
Follow this Question
Related Questions
SSL signed by CA validation 0 Answers
Does System.Web.HttpWebRequest support SNI in SSL? 2 Answers
Facebook-crossdomain-https Problem 1 Answer
Is it possible to do ssl certificate pinning in Unity iOS 1 Answer
WWW with HTTPS on Android not working 0 Answers