You are not logged in.

Security Error

Dear visitor, welcome to krpano.com Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

Andrew

Beginner

  • "Andrew" started this thread

Posts: 14

  • Send private message

1

Thursday, April 29th 2010, 12:20pm

Security Error

Hi,
I'm attempting to host my pano images on a content delivery network, specifically Rackspace Cloudfiles, which is on a different domain to where krpano is hosted. I get this error in krpano player for each of the images:

ERROR: Security Error - "http://cxxxxx.cdn.cloudfiles.rackspacecloud.com/filename.jpg"

My XML looks like this:

Source code

 
1
2
3
4
5

<image type="CUBE" multires="true" tilesize="579">
		<level tiledimagewidth="3183" tiledimageheight="3183">
			<left  url="http://cxxxxx.cdn.cloudfiles.rackspacecloud.com/l3_l_%0v_%0h.jpg" />
			<front url="http://cxxxxx.cdn.cloudfiles.rackspacecloud.com/l3_f_%0v_%0h.jpg" />
			etc.


I thought it may be a cross-domain problem so I added this to my XML:

Source code

 
1
2
3

<security>
	<allowdomain domain="*" />
</security>


That didn't fix the problem, so I tried this:

Source code

 
1
2
3

<security>
	<crossdomainxml url="http://www.mysite.com/crossdomain.xml" />
</security>


...with this in the crossdomain.xml file:

Source code

 
1
2
3
4

<?xml version="1.0"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
  <allow-access-from domain="*"/>
</cross-domain-policy>


...no joy.

I'm confused about where the crossdomain.xml is supposed to go. Some threads in the forum say "on the other server" some say "root of your server". I've tried both, but the problem persists.

Has anyone attempted a similar thing with a CDN, perhaps Amazon S3 or similar?

Any suggestions much appreciated.

Thanks,
Andrew

klaus.krpano

Administrator

Posts: 13,479

  • Send private message

2

Thursday, April 29th 2010, 12:38pm

Hi,

this crossdomain.xml must be on the same server as the external images,
is this the case?

best regards,
Klaus

Andrew

Beginner

  • "Andrew" started this thread

Posts: 14

  • Send private message

3

Friday, April 30th 2010, 4:13am

Hi Klaus,
yes, crossdomain.xml resides in the same CDN container as the image files. I found this article by RackSpace http://cloudfiles.rackspacecloud.com/ind…_Flash_Examples and have used the same crossdomain.xml file they suggest, but I still get the security errors.

crossdomain.xml

Source code

 
1
2
3
4
5
6
7

<?xml version="1.0"?>
 <!DOCTYPE cross-domain-policy SYSTEM"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> 
  <cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="*"/>
   <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
  </cross-domain-policy>

Andrew

Beginner

  • "Andrew" started this thread

Posts: 14

  • Send private message

4

Friday, April 30th 2010, 5:36pm

It looks like it may be a problem on the krpano player / XML side.

I have a krpano plugin that launches videos from a menu. It uses its own XML config file to get the URLs of the videos. I have now set the URLs of the videos to their respective locations in a container on the CDN and they all load perfectly.

Andrew

Beginner

  • "Andrew" started this thread

Posts: 14

  • Send private message

5

Thursday, May 6th 2010, 7:51am

I found the problem. The cross-domain policy file uploaded as application/octet-stream to the CDN container, a symptom of Rackspace's browser-based upload utility I'm guessing. I deleted the policy file and uploaded another through FireUploader so it now has the correct mime type of text/xml. All works perfectly.

I'm still baffled as to why the policy file I used in the video container that has an app/octet-stream mime type works for the videos loaded by the plugin *confused*

sxgc0477

Beginner

Posts: 1

  • Send private message

6

Saturday, August 10th 2013, 8:19am

I had the same question when I use S3 as the cloud resource container

I had the same question when krpano loading the xml (loading error[Security Error]).use S3 as the cloud resource container.
Anybody when knows the true reason.

Similar threads