Flash and PayPal... Security nightmare!



barliesque
June 5th, 2009, 08:12 PM
I'm going out of my mind with this, as I know many others have before me. So somebody, please put me out of my misery!!! I am writing a Flash site that needs to send the user to PayPal to pay for content on the site.

Calling navigateToURL(request, "_blank"); produces the following errors/warnings:


Warning: Domain www.paypal.com does not specify a meta-policy. Applying default meta-policy 'all'. This configuration is deprecated. See http://www.adobe.com/go/strict_policy_files to fix this problem.
Error: Request for resource at https://www.paypal.com/cgi-bin/webscr by requestor from http://mydomain/beta/paypal/PayPalTest.swf is denied due to lack of policy file permissions.
*** Security Sandbox Violation ***
Connection to http://www.paypal.com/cgi-bin/webscr halted - not permitted from http://mydomain/beta/paypal/PayPalTest.swf


I've tried every variation I can think of to lift Flash's lead curtain of security...



Security.allowDomain("http://www.paypal.com/cgi-bin/webscr");
Security.allowDomain("https://www.paypal.com/cgi-bin/webscr");
Security.allowDomain("http://paypal.com/cgi-bin/webscr");
Security.allowDomain("https://paypal.com/cgi-bin/webscr");
Security.allowDomain("http://www.paypal.com");
Security.allowDomain("https://www.paypal.com");
Security.allowDomain("http://paypal.com");
Security.allowDomain("https://paypal.com");


...as well as clear the way with crossdomain.xml...


<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.mydomain" />
<allow-access-from domain="mydomain" />
<allow-http-request-headers-from domain="paypal.com" secure="false" />
<allow-access-from domain="paypal.com" secure="false" />
<allow-http-request-headers-from domain="www.paypal.com" secure="false" />
<allow-access-from domain="www.paypal.com" secure="false" />
</cross-domain-policy>


I've found lots of posts all over the internet of others having similar problems, but no solutions to make communication with PayPal work.

HEEEEELLP!!! :eek:
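
An added example, not part of the thread: a small Python check of what a Flash cross-domain policy file grants. A crossdomain.xml is read from the host being accessed and names the SWF origins allowed to read from that host, so the check takes the policy, the URL it is served from, and the requesting SWF's URL. `TARGET_POLICY`, `target.example` and the function names are constructed for illustration, and the domain matching is a simplified model.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# The policy from the post (DOCTYPE omitted), hosted on the poster's own site.
POSTED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.mydomain" />
<allow-access-from domain="mydomain" />
<allow-http-request-headers-from domain="paypal.com" secure="false" />
<allow-access-from domain="paypal.com" secure="false" />
<allow-http-request-headers-from domain="www.paypal.com" secure="false" />
<allow-access-from domain="www.paypal.com" secure="false" />
</cross-domain-policy>"""

# Constructed policy for a hypothetical third-party host that lists only itself.
TARGET_POLICY = """<cross-domain-policy>
<allow-access-from domain="*.target.example" />
</cross-domain-policy>"""

def host_matches(pattern, host):
    """Simplified matching (assumption): '*', '*.suffix', or exact host name."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])
    return pattern in ("*", host)

def grants_read(policy_xml, policy_url, swf_url):
    """True if the policy lets the SWF at swf_url read from the host serving it."""
    policy_https = urlsplit(policy_url).scheme == "https"
    swf = urlsplit(swf_url)
    for rule in ET.fromstring(policy_xml).iter("allow-access-from"):
        if not host_matches(rule.get("domain", ""), swf.hostname or ""):
            continue
        # secure defaults to "true": an HTTPS-served policy excludes HTTP SWFs.
        if policy_https and swf.scheme != "https" and rule.get("secure", "true") != "false":
            continue
        return True
    return False

def audit(policy_xml):
    """List entries that open HTTPS content to HTTP-served SWFs or use wildcards."""
    findings = []
    for rule in ET.fromstring(policy_xml).iter():
        domain = rule.get("domain", "")
        if domain.startswith("*"):
            findings.append((rule.tag, domain, "wildcard domain"))
        if rule.get("secure") == "false":
            findings.append((rule.tag, domain, 'secure="false"'))
    return findings
```

Served from mydomain, the posted file lets SWFs hosted on paypal.com read from mydomain; a SWF on mydomain is only admitted by a third-party host whose own policy lists it.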

Navee
June 7th, 2009, 07:38 AM
Hmm, I just tested each address in a brand new fla triggering navigateToURL() on test movie and each address loads the respective page without problems.

Just do some basic troubleshooting, i.e. new test fla:


navigateToURL(new URLRequest("http://www.paypal.com"));
navigateToURL(new URLRequest("http://www.paypal.com/cgi-bin/webscr"));


I even went further and uploaded this simple test to my testing server online and upon entering: the 2 paypal pages as described within the navigateToURL method opens upon impact...and without adding any allow domain routines...it just simply works.

You would definitely get messages if you try to access with your browser on your local machine, but you should not if you test it from the flash file direct when you > test movie...otherwise it has to be online in order to work if you wish to access via the browser.

I recommend trying what I did above and create a brand new fla and do a quick test by adding the urls you wish to navigate direct with an in-line URLRequest, make sure it is working and then implement it into your project.

Let me know if it works for you...I am preparing to build a shopping experience using paypal also but completely leaving the shopping experience in flash and utilizing their XML Pay SDK that enables you to integrate with PayPal/XML Webservices via flash so that you can maintain existing UI without needing to actually go to a paypal page.

Cheers