Flash Policy setup instructions¶
When you can't connect to a server and the client shows a security sandbox violation message, the server the IRCd is running on does not allow connections from a Flash client.
Due to the socket security policy Adobe introduced with Flash Player 9,0,124 you are forced to have a daemon that delivers a crossdomain.xml to allow establishing a connection.
It is not a restriction by lightIRC, but one of Adobe Flash!
Linux¶To install a flash policy server on linux you need to do the following:
- Download our prepared flashpolicyd (based on the flashpolicyd project):
> wget http://www.lightirc.com/release/flashpolicyd.zip > unzip flashpolicyd.zip > cd flashpolicyd > chmod a+x flashpolicyd.rb
- Make sure you have Ruby installed. If you have not, you can maybe install it with one of the following commands depending on your Linux distribution or through compiling the Ruby sources:
> apt-get install rubyor
> yum install ruby
- Start flashpolicyd
> ./flashpolicyd.rb --xml flashpolicy.xml --logfile flashpolicyd.log
- Verify that flashpolicyd is running:
> tail flashpolicyd.log
If you see this message the flashpolicyd started succesfully:
"Starting server on port xxx in process xxx"
Possible errors and their solution¶
If you get this error:
"Can't open server: Errno::EACCES Permission denied - bind(2)"It means your tried to start the flashpolicyd on a port below 1024, which requires root access. Start the daemon as root (On debian systems you can use the command sudo for this) or use the following command:
> ./flashpolicyd.rb --xml flashpolicy.xml --logfile flashpolicyd.log --port 8002
Your flashpolicyd is now started as a normal user with a different port. You must pass policyPort=8002 as a parameter to lightIRC.swf when starting flashpolicyd like this!
We recommend the use of Silverlight and Flash Policy File Server
Download it from the project website, change the listening port in policyserver.exe.config to 843, put the following XML into policyfile.xml and start the application using policyserver.exe.
1<?xml version="1.0"?> 2<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"> 3<cross-domain-policy> 4 <site-control permitted-cross-domain-policies="master-only"/> 5 <allow-access-from domain="*" to-ports="6667" /> 6</cross-domain-policy>