Once I'm logged into Jira using the SOAP API I've been able to get the file path of a Jira attachment (swf/jpg file) in order to load it on my domain.
Specifically for loading SWF files I need the path of a crossdomain.xml file which is supposed to exist on the Jira domain.
Can you please help me to get that path? or confirm if it doesn't exist?
Thanks in advance,
Thanks Everyone for your help.
I've realized what the issue is: On the Jira environment .swf attachments are served with the "Content disposition" header set to "attachment". According to the adobe specifications swf served as attachments won't load from Flash Player 10, this header should be set to "inline", but this should be set by the Jira administrators.
The main simplest rule is that the crossdomain file must be accesible from the root of the same domain than the remote resource. For example, if you want to download this file:
then the crossdomain must be downloadbale from:
Depending on weteher you are using a Web Server (like Apache or IIS) or an Application Server (like Tomcat/JIRA) then the path on your hard disk is different.
Please, keep in mind that the doamin concept is formed by the (1) protocol, (2) domain name and (3) port number (The IP 127.0.0.1 and localhost are in different domains, for instance).
The problem is not where the SWF is located, the problem is where the SWF access to.
Server A: hosts the SWF file.
You download the SWF from the Server A into your PC.
Server B: host the file to download.
The SWF (from your PC) tries to access to the resource located in the Server B.
Due the Flash Player security sandbox, the SWF can access to the server A only (because it was hosted on A). Before to invoke to any other server fiffent than A, the Flash Player downloads the crossdomain.xml from the target server (B) in order to verify that it authorizes the access from 3rd party flash applications.
The main reason for the crossdomain.xml is avoiding to use Flash as gateway to acccess to any Internet site. For example: You might open a link from an email which opens a page with an invisible SWF file (so it would run on your PC): without the crossdomain.xml restriction, the hacker could use the SWF application (your PC) to access to anywhere. That would be extremly powerful (for hackers) and dangerous (for users).
Hope this helps,
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG