crossdomain.xml for Flash applications
Short, concise description of the idea
Allow Flash (and Flex) based applications hosted on other servers to access LiveJournal's resources and APIs.
Full description of the idea
Applications written using the Flash (and Flex) platform cannot access resources on LiveJournal.com directly because of a built in security restriction in the Flash player. This includes images, web pages and even RSS feeds.
By default Flash player will only allow applications to access the server from which the application was downloaded unless the server in question has a crossdomain.xml file which grants access.
A crossdomain.xml policy file is a very simple file that lives on the root of the webserver. For instance, for livejournal it would be:
Right now, a Flash application hosted on another domain (e.g. http://www.mydomain.com) can't access anything on LiveJournal's servers.
The usual work around for a lack of cross domain policy file is for the Flash/Flex application developers to write some code that sits on their own server and accesses LiveJournal on behalf of the Flash application, essentially acting as a proxy. However, this is an extra burden for application developers who may desire to quickly put together something interesting or useful in a rich internet application and may not have access to a server environment more advanced than simple webspace.
The crossdomain.xml file is quite simple, see this URL for detail about the syntax:
See this URL for more information on the syntax of the cross domain policy file:
Thanks in advance!
- Allow Flash and Flex developers to write rich internet applications and mashups using the resources and APIs hosted at LiveJournal.
- Allow Flash applications to use LiveJournal's OpenID server directly.
- More people developing applications for LiveJournal, leading to more visibility of LiveJournal throughout the Flash/Flex community.
- Additional server load due to more applications accessing LiveJournal, though not significantly at first and it should be easy to monitor as the user-agent header is set to something sensible by Flash player.