Find the answer to your question
We are trying to use the Flex SDK in order to use eBay Trading API calls within a flash application, and our application is running fine in Flex environment. However; when we deploy the same code on a web server (localhost or in a remote web server such as: http://localhost:8080/xxxxxx/test.swf ), we got the following error :
What is the problem?
SecurityError: Error #2123: Security sandbox violation ...
The reason for the error is that the secure attribute in <allow-access-from> is set to true in the eBay Trading API crossdomain policy file https://api.ebay.com/crossdomain.xml. As a result, the flex applications served over HTTP cannot access eBay Trading API HTTPS resources.
In genereal, for a Macromedia Flash movie (SWF file) to access a data service that hosted in the other domain ( http://otherdomain.com, for example), a cross-domain policy file must be found in the root of the http://otherdomain.com web server.
For example, crossdomain policy file http://open.api.ebay.com/crossdomain.xml in eBay Shopping Web Service is defined as below, which allows the Flash Player to access the eBay Shopping Web API from any given domains .
<?xml version="1.0" ?>
secure property of the
<cross-domain-policy> tag is set to true in a given data service that hosted in HTTPS, a Flex application that is orginated or the SWF file that is embedded over HTTP is not allowed to access that HTTPS data service.
More information regarding the topic can be found on Flex documents : Loading data across domains and Using HTTPS