I’m in the process of developing a new Flex 3 RIA, and the server code is not yet written, so I’m using static XML files to provide data while I build out the UI functionality. The XML files are stored on my development machine in a subdirectory of the folder that holds the main SWF. It’s all a very standard setup, and I was successfully loading two files from the same subdirectory, so I was very surprised this morning when I got a security sandbox error:
Error #2070: Security sandbox violation: caller cannot access Stage owned by .
As implied by the reference to “Stage owned by”, this error is supposed to occur when you are loading a SWF from an unauthorized domain. I did some quick searching on Google, and everything I looked at had to do with loading a SWF. The stack trace did not clarify the issue either:
[RPC Fault faultString="Error #2070: Security sandbox violation:caller cannot access Stage owned by ." faultCode="Client.CouldNotDecode" faultDetail="null"] at mx.rpc.http::HTTPService/http://www.adobe.com/ 2006/flex/mx/internal::processResult() [E:\dev \3.0.x\frameworks\projects\rpc\src\mx\rpc\http \HTTPService.as:842] at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/ mx/internal::resultHandler() [E:\dev\3.0.x\frameworks\projects\rpc\src\mx\rpc\ AbstractInvoker.as:186] at mx.rpc::Responder/result()[E:\dev\3.0.x\frameworks\ projects\rpc\src\mx\rpc\Responder.as:41] at mx.rpc::AsyncRequest/acknowledge() [E:\dev\3.0.x\frameworks\projects\rpc\src\mx\rpc\ AsyncRequest.as:74] at DirectHTTPMessageResponder/completeHandler() [E:\dev\3.0.x\frameworks\projects\rpc\src\mx\ messaging\channels\DirectHTTPChannel.as:381] at flash.events::EventDispatcher/dispatchEventFunction() at flash.events::EventDispatcher/dispatchEvent() at flash.net::URLLoader/onComplete()
I suspected something was wrong with the XML file, since the UI was successfully loading other files from the same directory. I opened the file in XML Spy, which immediately displayed a message to the effect that the XML was not well-formed. And sure enough, I had missed something. Here is what the XML looked like:
<page> <name>page1</name> <type>pagetype</type> <previewUrl>previewUrl</previewUrl> <path>page/path1</path> <promoTypes> </promoType>typeOne</promoType> </promoType>typeN</promoType> </promoTypes> </page>
You will probably see the error right away, but to my embarrassment I didn’t. How did the error creep in? Well, I had copied the sample XML from the design document (which I did not write) and pasted it into an XML file so that I’d have something to pull in for development purposes, and evidently I did not check it over very carefully. (If you don’t see the error, look closely at the promoType tags, and you’ll see that the opening tags have closing slashes.)
I fixed the XML, the error vanished, and I was able to resume forward progress. Clearly, the error message displayed by the debug player was not only non-helpful, it was actually misleading.
I thought I’d post this here in case anyone else runs into a similar problem. It may save you a few minutes of wonderment.