I guess the thing I'm wondering about is the "C|" in the path - I have a feeling that's your problem - FL3.1 appears to handle "|" differently.

Ah - I just noticed that you upgraded your desktop player to Flash 7 - yes, that definitely affects things.  Flash 7 has a much, much tighter security policy than previous versions of Flash.  You can try republishing your movie as Flash 6 - that may lower the security to more lenient levels.

Flash 8 through 10 tighten the policies even further. The security policy rules are pretty well documented on Adobe's site.

They should be - however, I'd try replacing the line:

  <allow-access-from domain="*192.168.1.*" />

with

  <allow-access-from domain="192.168.1.*" />

Note the removal of the leading "*".

On the chumby itself, you can ssh into the device and issue the "stop_control_panel; start_control_panel" and see a log of what's going on - you should see the fetch for the crossdomain file and see what it's complaining about.

It's possible - it's hard to know without taking a look at the actual code.

Hi,
   as a general note I have found that crossdomain issues usually give weird errors e.g. if your crossdoain file has an error flash looks for another one in usual places (root etc). Then if this is not there you get an error based on this file not the one you specified.

Not sure if this will help but I do it as follows.

The script that delivers data also delivers policy based on the argument provided.

In SWF says

    System.security.loadPolicyFile("http://"+ipaddress+"/cgi-bin/custom/ipusage.pl?POLICY");

In my script (perl) in  /www/cgi-bin/custom/ipusage.pl it says

$request = uc($ENV{'QUERY_STRING'});

if ($request eq "POLICY") # URL requests policy
  {
    # send the crossdomain policy file

    print "Content-type:text\/xml\r\n\r\n";
    print "<\?xml version=\"1.0\"\?>\r\n\r\n";
    print "<\!-- my crossdomain file -->\n";
    print "<cross-domain-policy>\n";
    print "  <allow-access-from domain=\"\*.chumby.com\" \/>\n";
    print "<\/cross-domain-policy>\n";

  }

hope it helps.

cheers

Nigel

I guess I am totally stumped on this one... It's almost like the crossdomain.xml file is being ignored. Thanks for all the help.

EDIT: I forgot to mention that I got a new router a few days ago. Maybe something is turned off at the router? Some port?

Regards,
Jose

Hi All,

Thanks for all your help. My problem actually had nothing to do with crossdomain policy files OR security. As it turns out, I inadvertently added an extra empty frame in one of my components that get instantiated on the stage, which caused really crazy behavior. Not sure why the player thought this was a Security Sandbox violation...

For what it's worth, I am learning a lot about flash security.

Regards,
Jose