Make MIME a Double!

I just endured a marathon troubleshooting/debugging session at work so I figured I would blog the cause/resolution in hopes that it will save someone else from the same painful experience. This morning we noticed that the homepage swf on our site suddenly stopped loading.

After some Sherlock Holmes like deduction, we narrowed it down to the fact that particular swf was unique in that it was the only one on our site that loaded our blog's rss xml feed and displayed it.

Using Charles web-debugging proxy (a true lifesaver) I noticed that the page was getting hung up on the crossdomain.xml file at the root of our blog. When I tried to load the xml file directly in the browser, rather than displaying the xml it tried to save the file to the desktop as a plain text file. My first thought (which 6 hours later turned out to be the right thought) was "perhaps the mime type on the server is wrong". But that never really mattered. Until now.

Enter the latest Flash player (9.0.115). According to this article, as a security precaution, the server now must properly define the mime type as xml so malicious douchebags can't trick the flash player into loading another type of file. Apparently Typepad.com does not have theirs set, and the new Flash player no likey.

A quick summary of cross domain policy files for those of you unfamiliar:

Typically when you load data into a swf file from another server, you need to place a cross domain policy file on that server to allow the Flash player to load in the data. It's a fairly simple process, and alot of sites just add a wildcard "*" crossdomain.xml file to the root of their server to allow developers to consume data from them. More info here.

Long story short, if you are loading data into a swf from another server, make sure that server has the mime type for xml set properly, or you will be stuck in an invisible box. Hope that saves you some time!. -B