mattcg · July 25, 2010 20:05 · niefba · Sep 20, 2017
diff --git a/flashpolicy.xml b/flashpolicy.xml
 <?xml version="1.0"?>
 <!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">

 <!-- Policy file for xmlsocket://socks.example.com -->
 <cross-domain-policy> 

   <!-- This is a master socket policy file -->
   <!-- No other socket policies on the host will be permitted -->
   <site-control permitted-cross-domain-policies="master-only"/>

   <!-- Instead of setting to-ports="*", administrator's can use ranges and commas -->
   <!-- This will allow access to ports 123, 456, 457 and 458 -->
   <allow-access-from domain="swf.example.com" to-ports="123,456-458" />

 </cross-domain-policy>
diff --git a/node_fsps.js b/node_fsps.js
 /*
 A simple Flash socket policy server for NodeJS. Request must be, and response is, null-terminated, according to Adobe spec.
 */

 var file = process.argv[2] || '/etc/flashpolicy.xml',
 	host = process.argv[3] || 'localhost',
 	port = process.argv[4] || 843,
 	poli;

 var fsps = require('net').createServer(function (stream) {
 	stream.setEncoding('utf8');
 	stream.setTimeout(3000); // 3s
 	stream.on('connect', function () {
 		console.log('Got connection from ' + stream.remoteAddress + '.');
 	});
 	stream.on('data', function (data) {
 		if (data == '<policy-file-request/>\0') {
 			console.log('Good request. Sending file to ' + stream.remoteAddress + '.')
 			stream.end(poli + '\0');
 		} else {
 			console.log('Bad request from ' + stream.remoteAddress + '.');
 			stream.end();
 		}
 	});
 	stream.on('end', function () {
 		stream.end();
 	});
 	stream.on('timeout', function () {
 		console.log('Request from ' + stream.remoteAddress + ' timed out.');
 		stream.end();
 	});
 });

 require('fs').readFile(file, 'utf8', function (err, poli) {
 	if (err) throw err;
 	fsps.listen(port, host);
 	process.setgid('nobody');
 	process.setuid('nobody');
 	console.log('Flash socket policy server running at ' + host + ':' + port + ' and serving ' + file);
 });
	<?xml version="1.0"?>
	<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">

	<!-- Policy file for xmlsocket://socks.example.com -->
	<cross-domain-policy>

	<!-- This is a master socket policy file -->
	<!-- No other socket policies on the host will be permitted -->
	<site-control permitted-cross-domain-policies="master-only"/>

	<!-- Instead of setting to-ports="*", administrator's can use ranges and commas -->
	<!-- This will allow access to ports 123, 456, 457 and 458 -->
	<allow-access-from domain="swf.example.com" to-ports="123,456-458" />

	</cross-domain-policy>
	/*
	A simple Flash socket policy server for NodeJS. Request must be, and response is, null-terminated, according to Adobe spec.
	*/

	var file = process.argv[2] \|\| '/etc/flashpolicy.xml',
	host = process.argv[3] \|\| 'localhost',
	port = process.argv[4] \|\| 843,
	poli;

	var fsps = require('net').createServer(function (stream) {
	stream.setEncoding('utf8');
	stream.setTimeout(3000); // 3s
	stream.on('connect', function () {
	console.log('Got connection from ' + stream.remoteAddress + '.');
	});
	stream.on('data', function (data) {
	if (data == '<policy-file-request/>\0') {
	console.log('Good request. Sending file to ' + stream.remoteAddress + '.')
	stream.end(poli + '\0');
	} else {
	console.log('Bad request from ' + stream.remoteAddress + '.');
	stream.end();
	}
	});
	stream.on('end', function () {
	stream.end();
	});
	stream.on('timeout', function () {
	console.log('Request from ' + stream.remoteAddress + ' timed out.');
	stream.end();
	});
	});

	require('fs').readFile(file, 'utf8', function (err, poli) {
	if (err) throw err;
	fsps.listen(port, host);
	process.setgid('nobody');
	process.setuid('nobody');
	console.log('Flash socket policy server running at ' + host + ':' + port + ' and serving ' + file);
	});