Expand my Community achievements bar.

July 31st AEM Gems Webinar: Elevate your AEM development to master the integration of private GitHub repositories within AEM Cloud Manager.

Does ModelDriven approach violate the SandBox constraint?


Level 2

We've developed a website using model-driven approach, and I find that the local version of the swf can retrieve data from remote server by communicating with the model, whereas the remote object cant due to the sandbox security constraint.

We've disabled RDS and both of the Model service and the remote service used the same rtmp channel. Is modal-driven approach supposed to act like this? or I need to do something else to ensure the cross domain security is applied?

2 Replies


Level 3

Can you provide some more information about your application? For example:

- For you remote SWF, did you move the SWF to a web server on a  different domain than the LCDS server to which you are communicating?

If this is the case, you would need a crossdomain.xml file at the root of the domain that your SWF is contacting (for example, http://somedomain.com/crossdomain.xml).

It would look something like the following example, where you'd specify the domain of the web server hosting your SWF in the allow-access-from-domain tag(s). There are two different levels of restriction shown in the example.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*.example.com"/>
<allow-access-from domain="www.example.com"/>
<allow-http-request-headers-from domain="*.adobe.com" headers="SOAPAction"/>

Here's the cross-domain spec for more detained information:



Other questions, if that wasn't the issue:

- How are you using model-driven development?

Are you using the Modeler to generate entities from database tables and then deploying the model to the server?

Or, did yoiu do something such as introspect a remoting service with a  service wizard.

- Do you have a J2EE/LCDS project in Flash Builder from which you are successfully opening your HTML/SWF locally, from a URL such as:


Or, are you in a non-LCDS Flex project and are serving your SWF from the local file system.

Answers to these questions will help us know what you are dealing with.


Mike Peterson



Level 2

Hi Mike,

Sorry for the lack of information.

1. We have a LCDS/J2EE envirnoment configured in FB4.

2. We are using modeler to generate some of the entities and a model file is deployed.

3. We also use Remote Object to invoke some server APIs.

We can get everything to work without a crossdomain.xml file, since there is only one domain for our project(both assets files and server APIs locate at the same domain), however, for security concern, I was trying to see if a local compiled swf file could communicate to the server.

In theory, both of the Remote Object and Model communication should fail right? cause I am using a local compiled and stored swf, it should alert me with a error message that states sandbox constraint do not allow my swf to communicate with the remote server or something like that. However, when I tested it, I can get Model working locally, but the remote object is act as I expected.

I've double checked the RDS setting on the remote server, it was turned off. According to my knowledge, Model Driven approcah uses data management service as its underlying service, I haven't been able to test the sandbox behavior of the data management service, though, shouldn't it be the same with every other cases cause the sandbox is a FP's feature?

BTW, mentioning about the crossdomain.xml, I am wondering, if it is not secure. For example, I put <allow-access-from domain="*.example.com"/> in my domain, which has a name of example.com. By configuring that, I really want swfs from other domains to be rejected when they are trying to invoke server apis in my domain, whereas swfs in my subdomains has the right to access the apis. However, if I edit the Host file in a client machine in Windows/System32/drivers/etc, and put one line there: " crack.example.com" the whole security constraint collapsed.