Flex工程与Asp.net工程集成发布时若干注意事项

Flex与Web应用集成就其本身技术而言很简单，和静态HTML页面一样，只要把swf文件插入相应的aspx页面即可，只要注意相关的js、css附属文件引用、调用正确即可。

但是当在flex工程中调用了本地文件、调用了web services服务调用了其他http页面时，由于要符合其sandbox安全模型的要求，会导致情况变的复杂，初接触flex必然会对由于发布而引起的各类error搞大头。这里简单做一个总结，并给出相关资源。

1、首先发布flex所在的站点如果用非80端口时，一定要注意了，有一些常用端口在flex安全模型中是被直接block掉的。如果你很不幸把站点deploy在这些端口上，则你的其他应用是正常的，唯独设计flex的页面告诉你" Error:#2156 不能使用http协议访问该端口 "，google都都搜不到，绝对抓狂。

详细信息参考flash_player_9_security.pdf

http://www.adobe.com/devnet/flashplayer/articles/flash_player_9_security.pdf 中的port blocking节。

【

Port blocking

Browsers have restrictions on HTTP access to certain ports, as does Flash Player. Specifically, browsers prevent HTTP requests to special ports that may run servers that can mistake HTTP traffic for the kind of traffic expected on that server. For example, some SMTP servers (port 25, for outgoing mail) apparently may mistake an HTTP POST for a valid SMTP request.

Port blocking also applies to Shared Library importing and the use of the <img> tag in text fields.

The following list shows the ActionScript APIs to which port blocking applies:

FileReference.download(), FileReference.upload(), Loader.load(), Loader.loadBytes(), navigateToURL(),NetConnection.call(), NetConnection.connect(), NetStream.play(), Security.loadPolicyFile(), Socket.connect(), sendToURL(), Sound.load(), URLLoader.load(), URLStream.load(), XMLSocket.connect()

The following lists show which ports are blocked:

HTTP: 20 (ftp data), 21 (ftp control)

HTTP and FTP: 1 (tcpmux), 7 (echo), 9 (discard), 11 (systat), 13 (daytime), 15 (netstat), 17 (qotd), 19 (chargen), 22 (ssh), 23 (telnet), 25 (smtp), 37 (time), 42 (name), 43 (nicname), 53 (domain), 77 (priv-rjs), 79 (finger), 87 (ttylink), 95 (supdup), 101 (hostriame), 102 (iso-tsap), 103 (gppitnp), 104 (acr-nema), 109 (pop2), 110 (pop3), 111 (sunrpc), 113 (auth), 115 (sftp), 117 (uucp-path), 119 (nntp), 123 (ntp), 135 (loc-srv / epmap), 139 (netbios), 143 (imap2), 179 (bgp), 389 (ldap), 465 (smtp+ssl), 512 (print / exec), 513 (login), 514 (shell), 515 (printer), 526 (tempo), 530 (courier), 531 (chat), 532 (netnews), 540 (uucp), 556 (remotefs), 563 (nntp+ssl), 587 (smtp), 601 (syslog), 636 (ldap+ssl), 993 (ldap+ssl), 995 (pop3+ssl), 2049 (nfs), 4045 (lockd), 6000 (x11)

】

2、当你要跨域访问web服务，或者其他任何资源时flex告诉你"SecurityError:Error #2048:安全沙箱冲突:http://xxxxx/xxx/xxx.swf 不能从http://xxx加载数据"的类似错误。这是flex的安全模型所制约的，没有好的办法。需要做的是要在被调用的站点（Web Serverice提供者）的根目录放置一个crossdomain.xml文件即可解决问题。有关crossdomain.xml文件格式的定义可参考cross-domain-policy.dtd，flash 9.0之后的例子配置如下：

【

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
    <site-control permitted-cross-domain-policies="all"/>
    <allow-http-request-headers-from domain="*" headers="*"/>
    <allow-access-from domain="*"/>
</cross-domain-policy>

】

待续.