So I started work on my first two Facebook applications this week. They are both Flash Christmas games I’m making for Creative Lynx Ltd. They designed and planned them and I’m putting the mechanics into place. When we started testing both the apps certain people where getting an error message popping up in their virus scanners:
Error: Permission denied for <[Server Path Edited Out]> (document.domain has not been set) to call method Location.toString on <[Server Path Edited Out]> (document.domain=<[Server Path Edited Out]>).
Took a while of searching before I got to the solution. It seems to be down to the crossdomain.xml file we’re using on the server. The whole thing including the solution is written about here on Perone’s Programming Pad. In case the page ever goes down I’m making a copy of the before and after XML files that are used to sort this out.
Here’s the XML file as it stood when we were having the problem:
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*" />
</cross-domain-policy>
Here’s the XML file that fixes the problem:
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>
He talks about it showing up in Firefox’s error console. I’m guessing that Trend Antivirus is keeping an eye on the error console and flagging it up due to that. All the people that reported the problem work in the same office and have a network install of Trend i.e. they are all using the same version.