问题描述
我试图写一个使用任何地方(网络,空调,手机)的OAuth库AS3足够灵活以任何OAuth的或附近的OAuth使用。我的示例应用程序我写与谷歌进行身份验证,我想编写使用谷歌驱动的应用程序。
目前,空军和移动应用程序工作正常,但网页Flash播放器的应用程序不断给我这个错误:
错误#2044:未处理的securityError:。文本=错误#2048:安全沙箱冲突:HTTP://本地主机:81 / OAuthWebExample.swf不能从https://accounts.google.com/o/oauth2/token加载数据。
(我得到同样的错误的端口80上的非本地主机域时)
我已经看过 https://accounts.google.com/crossdomain.xml 这有:
<现场控制允许交叉域策略=由内容型/>
我不知道这是什么意思?
我是pretty的肯定,这是有可能得到闪存去跟这些谷歌的API。我能做些什么来得到这个工作?
(我不感兴趣,在工作轮在您使用Feedburner的或类似的东西来代理这些调用感谢)。
这是主策略文件,它不授予权限 accounts.google.com 站点的内容(没有的节点withing),这样flash播放器闪光的securityError
这意味着:
因此,似乎它的设计为子域名服务和儿童的crossdomain.xml 文件,所以你不能直接从 accounts.google加载数据.COM 。我发现了同样的问题,谷歌的OAuth 闪存Google OAuth的问题的/crossdomain.xml使用Flex ,他们必须使用旧的AuthSub (它使用 accounts.googleapis.com 适当的crossdomain.xml )解决了身份验证问题,它似乎没有被改变的过去两年。
I am trying to write a use-anywhere (web, air, mobile) OAuth library for AS3 that is flexible enough to use with any OAuth site or near OAuth.My sample app I am writing authenticates with Google and I want to write an app that uses google drive.
At the moment the Air and mobile apps work fine but the web flash player app keeps giving me this error:
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://localhost:81/OAuthWebExample.swf cannot load data from https://accounts.google.com/o/oauth2/token.
(I get the same error when on a non-localhost domain on port 80)
I have looked at https://accounts.google.com/crossdomain.xml which has:
<site-control permitted-cross-domain-policies="by-content-type" />
I am not sure what that means...
I am pretty sure that it is possible to get flash to talk to these google APIs. What can I do to get this to work?
(I'm not interested in the "work round" where you use feedburner or something similar to proxy these calls thanks).
It's the master policy file and it doesn't grant permissions to the content of accounts.google.com domain (there isn't allow-access-from nodes withing it), so flash player fires securityError
So it seems it's designed for sub-domain services and child crossdomain.xml files so you can't load data directly from accounts.google.com. I found the same issue with Google OAuth for flash Google Oauth crossdomain.xml problem with Flex and they have to use old AuthSub (it uses accounts.googleapis.com with proper crossdomain.xml) to solve the auth problem and it seem nothing were changed for the past two years.
这篇关于错误#Unhandled的securityError访问https://accounts.google.com的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!