I’m doing a multiplayer web browser game using my own server and my own socket classes in C# for the Unity Client. My game works fine using unity 2.6, but it can’t connect to my server using Unity 3.0f1. This is the error I get:
Unable to connect as no valid crossdomain policy was found
My server has support for crossdomain files because in the past I developed games for flash. I checked my apache logs and my server logs and I have no registered connections. I also changed the configuration in Edit->project settings/editor/www security emulations to point my server.
Do you have any ideas or suggestions?
It’s seems that the client wants to connect to remote port 843.
Please check the manual on the webplayer 3.0 security topic quite far down.
without crossdomain policy, your webplayer can only access the local domain, no other place on earth
Thank you!
I only needed to add a Security.PrefetchPolicy() command in my client code. Now it works 
can you give me an example of project, because I can not find any…:(. I am using udpSockets and got the same problem (I need some code and an example of crossdomain.xml file, maybe mine is not good).
TNX
Two parts are required: in the code, you need a TCP server running on port 843 that prints an XML access policy upon connections. You also need, in your game client code, a function call to Security.PrefetchPolicy(server IP address, 843); Call this before you try to connect with a socket. I’m aware that the Unity documentation says this function call isn’t necessary, but in my testing, I found that it is. Here is some example code for a simple TCP server that will do what is required on a Linux system (run it as root):
#!/bin/sh
while true; do echo ‘<?xml version="1.0"?>
’ | netcat -l 843; done
Note: I’ve been having trouble with this lately. It seems like it stopped working, for some reason. Now I’m using the sockpoll.exe executable that comes with Unity (run “mono sockpoll.exe --all” as root).
Is there a way to stop unity from checking localhost for the crossdomain permissions? I have the proper encoding for my xml file now. And it appears to read in firebug. But once the particular domains crossdomain.xml is found unity sends a second request to localhost and breaks the HS controller. Does anyone know what I’m talking?
You can’t impact where it checks it, it normally though should only check what you try to access. if you try to use the same domain to access something for example that would yield a local host check
Thanks for the quick response!
I am trying to access a database that’s on a separate server from where the game is hosted.
I was able to make the webplayer retrieve the crossdomain.xml on the server where the game is hosted:
atIp = "xx.xx.xx.x.xxx"; // IP of webplayer host
var netThing = new WWW ( "http://"+atIp );
also I’ve tried using:
PrefetchSocketPolicy( atIP , 843) // I've also tried the default socket 80. Which causes UnityPlugin to hang. As well as the editor.
This method doesn’t even send a request according to firebug. Should I have the socket policy file on the database server and make a WWW for that IP adress? I am willing to try anything to figure this out for here and future projects.
for a database connection, sockets are required and sockets don’t expect the crossdomain.xml but a policy server on the other end (the target adress you connect to)
This also includes the PrefetchSocketPolicy, which allows you to do it once instead of doing it for each request
Question is do you really want to create an account with wildcard access cause thats what external database access will enforce - normally you would use WWW and a webservice (php,asp,cgi,ruby, …) which then talks to the database within its secure environment
I’ve been using the HSController Script ( From the unify wiki ) for my database communication attempts. So I am using php as the webservice to get/store the database information. I’m waiting for a development environment to try different HiScore approaches ( as opposed to debugging the deployment on our live site) . I didn’t know that a separate database server would create such a problem. The security should work ( as far as I know ) using MD5 encryption I have those elements in place.
Will I be able to test this in the editor using security emulation? How can I debug this feature? Would it just be better to have a database on the same server?
The basic outline of our architecture is this :
The game is hosted at IPx ( appServer) and the database should be accessed through a private IPy on a different server ( databaseServer ); For security reasons I cannot use the address of the databaseServer directly. IPy is inside a firewall. So instead I have the crossDomain policy on the appServer allow access from the private ( local ) IPz where databaseServer is.
I assume that crossdomain is necessary in this system. The application host has a crossdomain policy in the root that points to the private IP. I do know know about the security configuration of the database server. I hear it isn’t set up as a fileserver and only contains SQL database information.
Thanks for your continued thought power!
Am I right about the implementation of this?
The applicationServer has the crossDomain.xml file which allows access from the dbServer once a secure connection is established ( through PHP ) ?