Cross-domain policy and sockets

File Transfer Graffiti
Image by Micah68 via Flickr

We needed to build a socket FTP client in FLEX. When done we ran into the problem on how to setup a cross-domain policy file which we never tried before. This post is based on Flash Player version 10 and above. Older versions work in other ways so please compile for ver. 10.

I will not go through all the things we did wrong and all the steps needed to set this up. But I will underline the things that set us on the right track, things that are of major importance to get this working.

HTTP based policy file out of the question
You might be tempted to use HTTP-based policy-file retrieval which will work for any port above 1024! So for FTP this is out of the question!

Socket based policy file retrieval
Setting up a socket server just to serve the policy XML file seems strange but is needed. You can setup the socket server in PHP, Python, Java or any other language that supports sockets.

You need to open up a port on which the socket server can monitor the requests. Adobe recommends port 843. It is important that the socket server port is set below 1024. FTP usually resides at port 21 and if the policy socket is above 1024 it cant give you access to ports below 1024. So stay below 1024!

Read this
To get a working socket server read the following post at

Hope that this few steps will help you get this working faster then we did.

Reblog this post [with Zemanta]

One Reply to “Cross-domain policy and sockets”

  1. Thanks for clarifying the need for a socket server to serve the policy file. I reviewed the Adobe article and the PDF it links to. Buried in that document, they have a disclaimer that reads

    “Note:Policy files for sockets should always be socket-based. URL policy files from an HTTP source should not be used to provide permissions to socket connections.”

Comments are closed.