This is a simple Ruby-based policy server to serve Flash’s crossdomain.xml policy file.
The web is increasingly realtime, but websockets still aren’t supported on older browser clients. Many server push libraries (e.g. socket.io) attempt to use websockets, with a Flash fallback. Others (amqp.js, for instance) are Flash only.
When using Flash sockets, it’s necessary to have a policy server running on port 843, in order to set cross domain policy. This library does the job.
Because Adobe was kind enough to pick a low port (843), the server needs to be run as root:
sudo flash_policy_server
If you don’t yet have a crossdomain.xml in your current working directory, you’ll be prompted to make one before the server can start. NB: the sample crossdomain.xml in the usage prompt is the most permissive possible policy.
You should read up on the uses of crossdomain.xml if you don’t understand the security implications of this file. It’s here:
www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html
gem install flash_policy_server
Note: If you’re using Ruby 1.9 and RVM, you’ll need to run the server as:
rvmsudo flash_policy_server
See ruby.about.com/od/rubyversionmanager/qt/Rvm-And-Sudo.htm for an explanation.
Don’t like running stuff as root? Run it in a docker container. Customize the crossdomain.xml file if you need (in the /docker directory) and then rebuild;
cd docker docker build -t="flash_policy_server" .
Then run it in the background;
docker run -d flash_policy_server
-
Check out the latest master to make sure the feature hasn’t been implemented or the bug hasn’t been fixed yet
-
Check out the issue tracker to make sure someone already hasn’t requested it and/or contributed it
-
Fork the project
-
Start a feature/bugfix branch
-
Commit and push until you are happy with your contribution
-
Make sure to add tests for it. This is important so I don’t break it in a future version unintentionally.
-
Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
Copyright © 2011-2018 Dave Hrycyszyn. See LICENSE.txt for further details.