/** * Gets the XML string that should be returned if a client requests a Flash security policy. * * <p>The default implementation allows access from all remote domains, but only on the port that * this WebSocketServer is listening on. * * <p>This is specifically implemented for gitime's WebSocket client for Flash: * http://github.com/gimite/web-socket-js * * @return An XML String that comforts to Flash's security policy. You MUST not include the null * char at the end, it is appended automatically. * @throws InvalidDataException thrown when some data that is required to generate the * flash-policy like the websocket local port could not be obtained e.g because the websocket * is not connected. */ @Override public String getFlashPolicy(WebSocket conn) throws InvalidDataException { InetSocketAddress adr = conn.getLocalSocketAddress(); if (null == adr) { throw new InvalidHandshakeException("socket not bound"); } StringBuffer sb = new StringBuffer(90); sb.append("<cross-domain-policy><allow-access-from domain=\"*\" to-ports=\""); sb.append(adr.getPort()); sb.append("\" /></cross-domain-policy>\0"); return sb.toString(); }