Wednesday, 26 October 2016

security - Watson API access from adobe action script 3

I'm trying to access the Watson Text to Speech API thru an action script 3 flash application. As you known Adobe implement a new security features to restrict the access across domains using a mechanism that use a rules based xml configuration file (crossdomain.xml). In my case the below error is raised when the script is executed:




Source code:





package
{
import flash.net.URLRequest;
import flash.net.URLRequestHeader;
import flash.net.URLLoaderDataFormat;
import flash.net.URLLoader;

import flash.net.URLVariables;
import flash.net.URLRequestMethod;
import flash.events.Event;
import flash.events.HTTPStatusEvent;
import flash.events.SecurityErrorEvent;
import flash.events.IOErrorEvent;

public class Greeter
{
public function sayHello():String

{

var params:Object = {user:"John",password:"secret"};

var request:URLRequest = new URLRequest();
request.url = "https://watson-api-explorer.mybluemix.net/text-to-speech/api/v1/voices";
request.contentType = "application/json";
request.method = URLRequestMethod.POST;

request.data = JSON.stringify(params);


var contentTypeHeader:URLRequestHeader = new URLRequestHeader("Content-Type","application/json");
var acceptHeader:URLRequestHeader = new URLRequestHeader("Accept","application/json");
var formDataHeader:URLRequestHeader = new URLRequestHeader("Content-Type","application/json");
var authorizationHeader:URLRequestHeader = new URLRequestHeader("Authorization","Basic YjcxYWUwNTMtZTJmYi00ZmQzLWFiMTctOTRjYTc2MzYzYWE3OlZ5dU9VZ0w3ak1zVw==");

request.requestHeaders = [acceptHeader,formDataHeader,authorizationHeader,contentTypeHeader];

var postLoader:URLLoader = new URLLoader();
postLoader.dataFormat = URLLoaderDataFormat.BINARY;

postLoader.addEventListener(Event.COMPLETE, loaderCompleteHandler);
postLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS, httpStatusHandler);
postLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, securityErrorHandler);
postLoader.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);

try
{
postLoader.load(request);
}
catch (error:Error)

{
trace("Unable to load post URL");
}

var greeting:String;
greeting = "Prueba de conexión a Watson!";
return JSON.stringify(request.data);
}

private function loaderCompleteHandler(event:Event):void

{
trace("loaderCompleteHandler: ");
}

private function httpStatusHandler(event:HTTPStatusEvent):void
{
trace("httpStatusHandler: ");
}

private function securityErrorHandler(event:SecurityErrorEvent):void

{
trace("securityErrorHandler: " + event);
}

private function ioErrorHandler(event:IOErrorEvent):void
{
trace("ioErrorHandler: " + event);
}
}
}




Console output:





[trace] Advertencia: Error al cargar el archivo de política desde https://watson-api-explorer.mybluemix.net/crossdomain.xml
[trace] *** Violación de la seguridad Sandbox ***
[trace] Se ha detenido la conexión con https://watson-api-explorer.mybluemix.net/text-to-speech/api/v1/voices - no se permite desde http://garragames.com/garra-x/Tick.swf

[trace] 05:45:44 PM | err | [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2170: Security sandbox violation: http://garragames.com/garra-x/Tick.swf cannot send HTTP headers to https://watson-api-explorer.mybluemix.net/text-to-speech/api/v1/voices."]
[trace] Error #2044: Unhandled securityError:. text=Error #2170: Security sandbox violation: http://garragames.com/garra-x/Tick.swf cannot send HTTP headers to https://watson-api-explorer.mybluemix.net/text-to-speech/api/v1/voices.



¿Exist another option to access the API from Action Script Flash App?

No comments:

Post a Comment

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...