Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Load Jira attachment on another domain (get crossdomain.xml reference)

Erik Bonilla
Erik Bonilla April 23, 2013

Hello Everyone,

Once I'm logged into Jira using the SOAP API I've been able to get the file path of a Jira attachment (swf/jpg file) in order to load it on my domain.

Specifically for loading SWF files I need the path of a crossdomain.xml file which is supposed to exist on the Jira domain.

Can you please help me to get that path? or confirm if it doesn't exist?

Thanks in advance,

Erik

Answer
Watch
Like Be the first to like this
256 views

4 answers

1 accepted

0 votes
Answer accepted
Erik Bonilla
Erik Bonilla May 24, 2013

Thanks Everyone for your help.

I've realized what the issue is: On the Jira environment .swf attachments are served with the "Content disposition" header set to "attachment". According to the adobe specifications swf served as attachments won't load from Flash Player 10, this header should be set to "inline", but this should be set by the Jira administrators.

Thanks,

Erk

Reply
1 vote
Kinto Soft
Kinto Soft
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 9, 2013

The main simplest rule is that the crossdomain file must be accesible from the root of the same domain than the remote resource. For example, if you want to download this file:

http://myserver:port/applicationcontext/somepath/myfile.jpg

then the crossdomain must be downloadbale from:

http://myserver:port/crossdomain.xml

Depending on weteher you are using a Web Server (like Apache or IIS) or an Application Server (like Tomcat/JIRA) then the path on your hard disk is different.

Please, keep in mind that the doamin concept is formed by the (1) protocol, (2) domain name and (3) port number (The IP 127.0.0.1 and localhost are in different domains, for instance).

View More Comments
Erik Bonilla
Erik Bonilla May 10, 2013

Thanks Pablo,

The point is that I should play a SWF which is located on the jira domain, but I don't have access to the jira server in order to put the crossdomain.xml file. Is there any way to request the jira administrators to post that file?

Regards,

Erik

Like
Kinto Soft
Kinto Soft
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 10, 2013

The problem is not where the SWF is located, the problem is where the SWF access to.

-----------------

Example:

Server A: hosts the SWF file.

You download the SWF from the Server A into your PC.

Server B: host the file to download.

The SWF (from your PC) tries to access to the resource located in the Server B.

----------------

Due the Flash Player security sandbox, the SWF can access to the server A only (because it was hosted on A). Before to invoke to any other server fiffent than A, the Flash Player downloads the crossdomain.xml from the target server (B) in order to verify that it authorizes the access from 3rd party flash applications.

The main reason for the crossdomain.xml is avoiding to use Flash as gateway to acccess to any Internet site. For example: You might open a link from an email which opens a page with an invisible SWF file (so it would run on your PC): without the crossdomain.xml restriction, the hacker could use the SWF application (your PC) to access to anywhere. That would be extremly powerful (for hackers) and dangerous (for users).

Hope this helps,

Pablo

Like
Reply
0 votes
Yilin
Yilin
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2013

This file does not exist natively in JIRA, you probably need to create it your self.

Reply
0 votes
Yilin
Yilin
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2013

This file does not exist natively in JIRA, you probably need to create it your self.

View More Comments
Erik Bonilla
Erik Bonilla May 9, 2013

Hi Yilin,

I can't create the crossdomain file as it shouldn't live on my domain but on the jira domain.

Do you know about permission issues when trying to load jira attachments?

Regards,

Erik

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events