: Why am I seeing unexpected requests for "crossdomain.xml" in my logs? I've getting lots of 404 errors from crossdomain.xml. Here are the request details, as provided by Google App Engine: 404
I've getting lots of 404 errors from crossdomain.xml. Here are the request details, as provided by Google App Engine:
404 22ms 19cpu_ms 0kb Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
69.130.*.* - - [24/Jul/2011:07:43:42 -0700] "GET /crossdomain.xml HTTP/1.1" 404 124 "http://s.nsdsvc.com/App/DddWrapper.swf?c=3" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30" "app.*.*.*" ms=22 cpu_ms=19 api_cpu_ms=0 cpm_usd=0.000633 instance=00c61b117c557326bef77d341a345431e66b
I'm not sure what is going on. Can anyone help me solve this issue?
More posts by @Michele947
4 Comments
Sorted by latest first Latest Oldest Best
This isn't actually related to a firefox plugin, or any plugin at all. crossdomain.xml is part of the flash/flex specification. It's a method to allow/validate cross domain operations for flash and other Adobe products, Sliverlight also seems to use/obey the same adobe policy framework.
From Adobe's Cross-domain policy file specification
A cross-domain policy file is an XML document that grants a web
client—such as Adobe Flash Player, Adobe Reader, etc.—permission to
handle data across multiple domains. When a client hosts content from
a particular source domain and that content makes requests directed
towards a domain other than its own, the remote domain would need to
host a cross-domain policy file that grants access to the source
domain, allowing the client to continue with the transaction. Policy
files grant read access to data, permit a client to include custom
headers in cross-domain requests, and are also used with sockets to
grant permissions for socket-based connections.
Example of a valid crossdomain.xml
<?xml version="1.0" ?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
So it would seem an Adobe product is asking for permission to perform a cross domain operation - I've seen this in my logs before and took it to be a bot looking for a weakness because I could see no other reason for it being there - I would ignore it if it's doing no apparent harm.
Check your browser add-ons and look for something called yontoo.com not sure exactly what it is but if you remove this add-on all seems to go back to normal
I also was finding these references in my logs.
This seems to be related to a service called "Drop Down Deals", that involves a browser add-on that seems, well, broken.
www.dropdowndeals.com/ nodpi.org/forum/index.php?topic=3462.0;wap2
Do you have flash based adverts on your website, it looks like the 3rd party advert is looking in your domain for the crossdomain.xml.
Speak to your ad company about this.
Was your domain owned by anyone else in the past? It could be that something was setup before you came along.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.