What application did you use to create your crossdomain.xml file? I’ve seen this happen many times and it’s almost always one of two problems:
The file is not UTF-8
The file is UTF-8 but has the BOM marker
If you’ve used a common windows text editor like Notepad and saved as UTF-8, it adds the BOM (Byte Order Mark) to the beginning of the file. It is beyond me why programs accessing crossdomain.xml don’t check for the BOM and ignore it… but they don’t.
If you’re on Windows, install Notepad++ and open your crossdomain.xml file in it. Then go to the Encoding menu and choose “Convert to UTF-8”. Make sure you choose that exact one, not the BOM option. Then save and re-upload your crossdomain.xml file and try it again and it should work for you.
I managed to access the detail log of unity (thanks to the security parameters of the compagny…)
so, when i tried to access the script on the client server i get :
About to parse url: http://www.client_server.com/client_script.php
Determining crossdomain.xml location for request: http://www.client_server.com/client_script.php
About to parse url: http://www.client_server.com/crossdomain.xml
Download had OK statuscode
Received the following crossdomain.xml
<?xml version="1.0"?>
----------
received policy
Parsing: cross-domain-policy
cross-domain-policy
Parsing: allow-access-from
allow-access-from
domain: http://www.lagence3d.com
done parsing policy
crossdomain.xml was succesfully parsed
About to parse url: http://www.client_server.com/client_script.php
Checking if http://www.client_server.com/client_script.php is a valid domain
Checking request-host: bed.ds-consulting-shop.com against valid domain: http://www.lagence3d.com
Rejected because there was no AllowedAcces entry in the crossdomain file allowing this request.
End Connection.
As the problem seems to come of the allowed url, i tried with an * filter and it works (yes, i’m ashamed to not tried that first…)
Now, the question is does somebody know why the initial url’s not working ?
Because you’re setting it up backwards. The Unity app is hosted on your domain… so you need to give access to the client domain (not yours). So the allow-url should be “http://www.client-server.com” instead of lagence3d.com.
Think of it as “A” giving permission to “B”. Your WebPlayer game exists on “A”… now site “B” wants to load your game. Unity says "Hey, I’ve been requested by site B, but the game exists on site A… do I have permission to load it? Site A returns the clientpolicy.xml file which says “Yep, site B’s URL is listed in the allows URLs so go ahead and play it”.
This is to help prevent other sites from hotlinking your game and pretending to own it (or even charging uses to access it), because you can control who can serve the content. That’s why using * isn’t good outside of a dev / testing environment.
Also, if the game is on Site A, and the user is loading the game by visiting Site A directly, then you don’t have to worry about it because it’s the “origin”, so it doesn’t need to give itself permission.