search

netzerodash / fl-ftp

Automatically exported from code.google.com/p/fl-ftp
1 stars 0 forks source link

Security Sandbox violation - Adobe AIR #1

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Always occurs after an upload

Throws an unhandled securityEror
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox
violation: app:/myApp.swf cannot load data from 00.000.00.000:43438.

I'm using Flex 3.3 - Adobe AIR 1.5.1. Occurs on all OS platforms.

Original issue reported on code.google.com by jeroenco...@gmail.com on 22 Jun 2009 at 2:19

GoogleCodeExporter commented 9 years ago 
Hello,

I am getting the same kind of error.

- the FTPClient can establish a connection and communicate with the server on 
the port 21
- the application gets sandbox error whenever it tries to open a socket which 
port is
given by the server (usually > 1024)

Any idea why ?

Original comment by uwhpla...@gmail.com on 6 Nov 2009 at 5:15

GoogleCodeExporter commented 9 years ago 
First of all, thanks for your hard working on the open source project. I got 
the same 
problem, the environment i used is Win7, flash player 10, i have test it using 
Flex 
2.0.1 hot fix 3, Flex 3.2 and Flex 4, running both in AIR and web server. I 
have try 
several ways to handle the error followed the suggestion by Adobe to use 
System.allowDomain() and the crossdomain.xml, but still not work. The error 
occurs when 
the application try to create a PASV socket.

Original comment by phoenixa...@gmail.com on 8 May 2010 at 11:39

GoogleCodeExporter commented 9 years ago 
Hello

This is a Flash limitation, no connections to port < 1024. Normally, you can 
workaround this with a cross-domain policy file on the server. But in our case, 
all the FTP servers should be patched, so it is not possible to avoid this.

securityError:SecurityErrorEvent — Dispatched if a call to Socket.connect() 
attempts to connect either to a server outside the caller's security sandbox or 
to a port lower than 1024. You can work around either problem by using a 
cross-domain policy file on the server. For more information about policy files 
for sockets, see the "Flash Player Security" chapter in Programming 
ActionScript 3.0.

And here is an interesting issue for the XML socket, which should not apply in 
our case since pl.maliboo.ftp.FTPSocket extends flash.net.Socket and not 
flash.net.XMLSocket. But still it is interesting, and it comes from 
http://www.igorcosta.com/flex3/doc/flash/net/XMLSocket.html

The XMLSocket.connect() method can connect only to TCP port numbers greater 
than or equal to 1024. One consequence of this restriction is that the server 
daemons that communicate with the XMLSocket object must also be assigned to 
port numbers greater than or equal to 1024. Port numbers below 1024 are often 
used by system services such as FTP, Telnet, and HTTP, so XMLSocket objects are 
barred from these ports for security reasons. The port number restriction 
limits the possibility that these resources will be inappropriately accessed 
and abused.

Original comment by alexandr...@gmail.com on 28 Mar 2011 at 8:36

GoogleCodeExporter commented 9 years ago 
Hi. I need a class or a library for send files in ftp cloud on the AIR

Original comment by lucas.pa...@aesapar.com on 26 Feb 2013 at 2:31