At mydeo, our crossdomain.xml file is not stored at the root of our domain(s). If you’re trying to access http://ht.cdn.mydeo.net/crossdomain.xml or http://mydeo.vo.llnwd.net/crossdomain.xml and wondering why they aren’t working, that’s because they’re not there!
Mydeo does not use a wildcard crossdomain.xml file, meaning that if your domain is not already listed in our crossdomain.xml, you will need to request it is added first. Then, follow the steps below to get your Flash application working correctly.
If the files you want to access are hosted on any of the following domains, you will need to append “/o1/u/m3/crossdomain.xml” to the root paths:
It is common belief that crossdomain.xml needs to be at the root of a domain, but this requirement can be worked around by utilizing the following commands in your application:
These two commands were designed to allow the crossdomain.xml file to be loaded from anywhere within the domain tree and should be used as follows (choose based on the URL of the content you are attempting to access):
- For content referenced via http://ht.cdn.mydeo.net:
- For content referenced via http://mydeo.vo.llnwd.net:
These must commands must be executed prior to loading any objects inside your SWF or it will have non-deterministic results (almost certainly failure to load).
Additionally, in Flash 10, the default header has been changed to ‘Master-Only’, this is the only significant change that has been made.
To deal with this, Limelight Networks does a header injection for calls to the crossdomain.xml on the root domain file which adds the following:
- X-Permitted-Cross-Domain-Policies: all
This header permits Flash to look in the location specified for the crossdomain.xml file in the o1/u/m3 subdirectory.