an erlang application that serves flash cross domain policy files
Switch branches/tags
Nothing to show
Pull request Compare This branch is 2 commits behind saulabs:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
doc
ebin
flashpolicy
include
log
release
src
.gitignore
README.markdown
Rakefile
build.sh
flashpolicy.xml
policyserver
rebar.config

README.markdown

Erlang Flash Policy File Server

###Erlang Server serving flash crossdomain policies on adobe standard port 843, intended for use in production environments.

  • ####Building Server:

      ./build.sh
    
  • ####Configure Policy File:

    Edit flashpolicy.xml and replace <allow-access-from domain="*" to-ports="123" /> port 123 with a comma separated list of ports your flash client should be allowed to connect at, and maybe replace the wildcard domain with the domain that serves your flash file.

  • Starting Production Server:

      sudo ./policyserver start
      
    Notice: You must be __root__ to start the server because it binds by default to the __privileged port__ 843.
    
  • ####Testing Server:

      perl -e 'printf "<policy-file-request/>%c",0' | nc 127.0.0.1 843
      
      # or
      
      ./policyserver test
    
  • ####Reload Policy File:

    If you modified the flashpolicy.xml file, you can reload it during runtime using ./policyserver reload.

  • ####Extended Server Configuration:

    The server can be configured in the env section of either the src/flashpolicy.app.src file or the ebin/flashpolicy.app file. If you edit the src/flashpolicy.app.src file you must run ./build.sh again, that will copy it to the ebin directory and overwrite the ebin/flashpolicy.app file. Changing the server configuration requires a server restart: ./policyserver stop && sudo ./policyserver start.

        {env, [
          {policy_file, "./flashpolicy.xml"},  %% string(): policyfile to serve
          {enable_logging, true},              %% boolean(): enable or disable logging
          {logfile_path, "./log/"},            %% string(): path to logfiles. must end with path separator '/'
          {listen_at_interface, any},          %% any | e.g. {192,168,0,2}: the ip address as tuple to bind at, or 'any' to listen at all interfaces
          {port, 843},                         %% integer(): the port to listen at
      
          {bind_also_at, []}                   %% [{interface(), port(), policy_file()}]: additional interfaces and ports to listen at, e.g [{any, 8080, "./otherPolicy.xml"}]
        ]}
    

    bind_also_at can be used to serve different policy files at different ports or interfaces.

  • ####Logging:

    Logging can be enabled or disabled during runtime using ./policyserver enable-logging or ./policyserver disable-logging. The default logging directory is ./log.