I am trying to access files in Amazon S3 bucket with SSL with ActionScript3.
我正在尝试使用带有ActionScript3的SSL访问Amazon S3存储桶中的文件。
When I use this format...
当我使用这种格式时......
https://s3.amazonaws.com/bucket.name/filename
I get security sandbox error. "Error #2048: Security sandbox violation: "
我收到安全沙箱错误。 “错误#2048:安全沙箱违规:”
When I switch to this format...
当我切换到这种格式......
https://bucket.name.s3.amazonaws.com/filename
It works like a charm (until I try it on a browser other than Firefox). It generates a certificate error (host name mismatch) for the other browsers. Once I add exceptions it works fine. But that's not practical.
它就像一个魅力(直到我在Firefox之外的浏览器上尝试它)。它会为其他浏览器生成证书错误(主机名不匹配)。一旦我添加异常,它就可以了。但这不切实际。
Third option which would be the ideal version...
第三种选择,这将是理想的版本......
https://www.myowndomain.com/filename
... generates the same security violation for all browsers. Needless to say, the domain is mapped to the bucket.
...为所有浏览器生成相同的安全违规。不用说,域被映射到存储桶。
The bucket has its own crossdomain.xml.
存储桶有自己的crossdomain.xml。
The files are custom binary files.
这些文件是自定义二进制文件。
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<site-control permitted-cross-domain-policies="all"/>
</cross-domain-policy>
I went thru the security white paper and new rules for Flash Player 10. No luck so far.
我通过安全白皮书和Flash Player 10的新规则。到目前为止没有运气。
Any ideas?
Ok it gets more interesting, and I suspect this is causing the problem. While sanitizing the name of my bucket, I oversimplified. My bucket name has a dot in it and appearently it is not a good thing.
好吧它变得更有趣,我怀疑这是导致问题的原因。在清理我的桶的名称时,我过于简单了。我的桶名在其中有一个点,显然它不是一件好事。
http://faindu.wordpress.com/2008/12/18/amazon-s3-flash-crossdomainxml-ie7-certifacte-error/
So I would appreciate it, if there is an alternative to that.
如果有替代方案,我将不胜感激。
2 个解决方案
#1
This is due to browser restrictions. Also, if you trying to access S3 from AS3 then you'll probably fine the AS3 API quite useful though this too runs into browser restrictions:
这是由于浏览器的限制。此外,如果您尝试从AS3访问S3,那么您可能会对AS3 API非常有用,尽管这也会影响浏览器限制:
This is an AS3 library for accessing Amazon's S3 service. It only works in Apollo because of restrictions in the browser player.
这是一个用于访问Amazon S3服务的AS3库。由于浏览器播放器的限制,它仅适用于Apollo。
#2
During your troubleshooting, did you enable the Flash Player's policy file logging feature? You can get more specific information behind the sandbox violation error. Read the following to learn how to set up policy file logging: Policy file changes in Flash Player 9 and Flash Player 10
在排除故障期间,您是否启用了Flash Player的策略文件记录功能?您可以获取沙箱违规错误背后的更多具体信息。阅读以下内容以了解如何设置策略文件日志记录:Flash Player 9和Flash Player 10中的策略文件更改
Personally, I suspect you should be able to get your third option to work, at least, since you'd be able to host a crossdomain.xml at the root location of https://www.myowndomain.com/crossdomain.xml -- but let's see what you have in your crossdomain.xml. I suggest you post a copy here, sanitized if necessary. And, tell us, what kind of files are you trying to load in the player?
就个人而言,我怀疑你应该能够让你的第三个选项工作,至少,因为你可以在https://www.myowndomain.com/crossdomain.xml的根位置托管一个crossdomain.xml - - 但是让我们看看你的crossdomain.xml中有什么。我建议你在这里发一份副本,必要时进行消毒。并且,告诉我们,您尝试在播放器中加载哪种文件?
#1
This is due to browser restrictions. Also, if you trying to access S3 from AS3 then you'll probably fine the AS3 API quite useful though this too runs into browser restrictions:
这是由于浏览器的限制。此外,如果您尝试从AS3访问S3,那么您可能会对AS3 API非常有用,尽管这也会影响浏览器限制:
This is an AS3 library for accessing Amazon's S3 service. It only works in Apollo because of restrictions in the browser player.
这是一个用于访问Amazon S3服务的AS3库。由于浏览器播放器的限制,它仅适用于Apollo。
#2
During your troubleshooting, did you enable the Flash Player's policy file logging feature? You can get more specific information behind the sandbox violation error. Read the following to learn how to set up policy file logging: Policy file changes in Flash Player 9 and Flash Player 10
在排除故障期间,您是否启用了Flash Player的策略文件记录功能?您可以获取沙箱违规错误背后的更多具体信息。阅读以下内容以了解如何设置策略文件日志记录:Flash Player 9和Flash Player 10中的策略文件更改
Personally, I suspect you should be able to get your third option to work, at least, since you'd be able to host a crossdomain.xml at the root location of https://www.myowndomain.com/crossdomain.xml -- but let's see what you have in your crossdomain.xml. I suggest you post a copy here, sanitized if necessary. And, tell us, what kind of files are you trying to load in the player?
就个人而言,我怀疑你应该能够让你的第三个选项工作,至少,因为你可以在https://www.myowndomain.com/crossdomain.xml的根位置托管一个crossdomain.xml - - 但是让我们看看你的crossdomain.xml中有什么。我建议你在这里发一份副本,必要时进行消毒。并且,告诉我们,您尝试在播放器中加载哪种文件?