Connect Failed for no valid crossdomain policy was found
Options
It is annoy some, I try almost all of the solution I can find from this forum, but still not work!!!
So I need you guy help here, long for...
Let's explain my problem:
1. I use PhotonNetWrok version 3.0.11.1074.
2.I used the PUN(for unity3d3.5).
3.The leave the server setting as default. just like this:
<TCPPolicyListener
IPAddress="0.0.0.0"
Port="843"
Application="Policy"
InactivityTimeout="5000">
</TCPPolicyListener>
<TCPPolicyListener
IPAddress="0.0.0.0"
Port="943"
Application="Policy"
InactivityTimeout="5000">
</TCPPolicyListener>
</TCPPolicyListeners>
4.my server and client is on the same machine.
5.I can connect the server successfully in the standalone version or editor version. But it is failed in Web Player version. You know, it is because the web player need get socket policy file(crossdomain). It can't get it.
6.I map my router's ports 843 to local network. I am sure the port 843, 80, 5055...is opened to the internet. they do work for I can visit them.
7.I've checked my firewall, I disable them all to make the 843 accessable, I print the net state, it shows the port is on listening.
8.I telnet the port 843, it connects ok but without any echo. But there is not any message to show the connection is failed!
9.Every Time the server starts up, I can get the following policy log:
<cross-domain-policy>
<allow-access-from domain="*" to-ports="5055,5056,5057,4530,4531,4532,9090" />
</cross-domain-policy>
2012-06-09 18:52:06,875 [1] INFO Exitgames.Realtime.Policy.Application.Policy [(null)] - Policy file:
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<socket-resource port="4530,4531,4532" protocol="tcp" />
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
It means the my port settting is ok,they are accessable base on the policy rule.
10.I copy a crossdomain.xml to the "...\deploy\Policy\assets",but is do nothing at all.
The questions is:
Why the webplayer can't get the crossdomain string from the policy server, the 843 port is ok?
I mean if I can the the crossdomain string from the 843, all annoy will gone! Am I rigth?
Waiting for your helpful answer!
So I need you guy help here, long for...
Let's explain my problem:
1. I use PhotonNetWrok version 3.0.11.1074.
2.I used the PUN(for unity3d3.5).
3.The leave the server setting as default. just like this:
<TCPPolicyListener
IPAddress="0.0.0.0"
Port="843"
Application="Policy"
InactivityTimeout="5000">
</TCPPolicyListener>
<TCPPolicyListener
IPAddress="0.0.0.0"
Port="943"
Application="Policy"
InactivityTimeout="5000">
</TCPPolicyListener>
</TCPPolicyListeners>
4.my server and client is on the same machine.
5.I can connect the server successfully in the standalone version or editor version. But it is failed in Web Player version. You know, it is because the web player need get socket policy file(crossdomain). It can't get it.
6.I map my router's ports 843 to local network. I am sure the port 843, 80, 5055...is opened to the internet. they do work for I can visit them.
7.I've checked my firewall, I disable them all to make the 843 accessable, I print the net state, it shows the port is on listening.
8.I telnet the port 843, it connects ok but without any echo. But there is not any message to show the connection is failed!
9.Every Time the server starts up, I can get the following policy log:
<cross-domain-policy>
<allow-access-from domain="*" to-ports="5055,5056,5057,4530,4531,4532,9090" />
</cross-domain-policy>
2012-06-09 18:52:06,875 [1] INFO Exitgames.Realtime.Policy.Application.Policy [(null)] - Policy file:
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<socket-resource port="4530,4531,4532" protocol="tcp" />
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
It means the my port settting is ok,they are accessable base on the policy rule.
10.I copy a crossdomain.xml to the "...\deploy\Policy\assets",but is do nothing at all.
The questions is:
Why the webplayer can't get the crossdomain string from the policy server, the 843 port is ok?
I mean if I can the the crossdomain string from the 843, all annoy will gone! Am I rigth?
Waiting for your helpful answer!
0
Comments
-
Nobody helps me? It is important for our team. We can't test our game in browser, we must test it by Win Client version. You know, it's size is big some for our tester in China.
So help me please and the god will bless you0 -
If server and client are on the same machine, your router is out of the equation and needs no setup.
Locally, the client can use 127.0.0.1:5055 as server address.
To verify this problem is caused by security issues:
In Unity, select your build type "web player" and run one of our demos with said IP. The console will log this: Connect() failed: System.Security.SecurityException: Unable to connect, as no valid crossdomain policy was found".
As first step, please don't modify the server or the policy-xml files. If this fails, then still some firewall causes the trouble.
One user reported that changing the firewall rules didn't work. Instead: "We had to delete and re-create the rule to get it to work, Windows thing not a Photon thing but I'm passing it on in case someone else runs into the issue." Maybe this is the case here, too.
viewtopic.php?f=17&t=1718&p=8126&hilit=firewall#p81260 -
Thank for Tobias.
1.I setup Http File Server with hfs tools and publish the webplayer version on it with crossdomain.xml.
I can visit it by public IP address:http://112.95.1.229/WebPlayer1/WebPlayer.html. It works. That means my route IP and port 80 is ok and can be visit from internet. In fact, my friend can visit it from the internet.
2. So I connect the Photon master server with 112.95.1.229:5055, it should be ok also without the policy blocking. Now, all things focus on the policy crossdomain string. I can't get it from the port 843.
I mean I must publish my local machine as the server for my friends to test my game. So how can I attach it. BTW. My network is ADSL, the IP is dynamic. But I am sure the IP is not changed if I don't reset the router. You know, It has nothing to do with the IP for I can't visit any web page (html) I published local with HFS use address like" http://112.95.1.229/xxx/xxx.html.
I try to reset my router rules, it doesn't work too!
So what's happened with my policy server? I can I work arround it.0 -
crossdomain policy handling does not rely on the crossdomain.xml at all. That file and port 80 is only used for WWW access to files.
crossdomain socket policy has to be handled through a TCP connection on the server side, which in case of Photon and Unity happens on TCP port 843 if you use Photon 3 and didn't modify the configuration.
To ensure its working you also have to forward TCP Port 843 to the server / allow connections to it. Thats where the socket policy is requested, port 80 is irrelevant for the socket policy handling.
As well ensure that the port is also forwarded within your router to your machine when you connect through 127.95.1.229 and that you make the webplayer connect to this IP too cause 127.0.0.1 will not work when you start it from within a website like that.
Also if you use the LoadBalancing instance (which I assume you do if you used PUN), keep in mind that your friends can not connect if you can do so through localhost / 127.0.0.1 cause the gameserver configurations can either point the public ip to 127.0.0.1 or your external IP and in consequence only that one will work. (this does not change the problem with the policy here but it would be the next thing that would block your road)
Last but not least: that you can't visit the websites through your external IP implies that either your router does not correctly forward the port, that something else hooks up port 80 (you might want to stop skype and see that no mamp / apache is running) or that your adsl modem (if you don't have a real router) simply is not capable to redirect messages that are meant for the local lan if you try to reach it through your public IP in which case you would need to buy a real router thats capable of it if you ever want to connect yourself.0 -
josszp: This issue is almost always down to some router (port forwarding) or firewall setting.
You need to setup your modem to accept and forward udp ports 5055, 5056, 5057 and tcp port 843 (policy). The 3 udp ports are for Master and Game Servers (Loadbalancing).
Also, your machine's firewall has to be open for those ports. If you played your game locally, this maybe is already OK. Depending on the rules, the firewall might still block connections coming from your modem (or better: from outside).0 -
TO: Tobias and Dreamora.
Thanks a lot. But the evil is going on!!!!
I have setup my udp ports 5055, 5056, 5057 and tcp port 843 (policy) all and I am sure they can be visited because I've done the following test:
1.I start up the Tools/SocketPolicyServer from the U3D.
2.I telnet to local or public IP like this: "telnet localhost 843" Or "telnet 112.95.2.223 843"
3. the server prints connect is coming.
4.I print the request "<policy-file-request/>", the server return the policy crossdomain string as I desired.
The test means my tcp 843 port is OK and the crossdomain policy rule is work on my machine.
Another test I do is:
I change my HFS port to 843, I can visit my server file by: http://112.95.2.223:843/WebPlayer/WebPlayer.html. It means my 843 port is ok, isn't it?
All evil come out in the web player and the sun goes up when I changed into the editor.0 -
And the more surprising I've got here!
1. I try to change the policy port to 2999( which is large than 1024.) as the following steps:
a. changed port define in PhotonServer.config: <TCPPolicyListeners>
<!-- multiple Listeners allowed for different ports -->
<TCPPolicyListener
IPAddress="0.0.0.0"
Port="2999"
Application="Policy"
InactivityTimeout="5000">
</TCPPolicyListener>
</TCPPolicyListeners>
b.And I add the following code before the connect code in client script:
if (Security.PrefetchSocketPolicy(serverAddress, 2999))
{
Debug.LogError("PrefetchSocketPolicy failed!");
return false;
}
But as the result, I've got a expection:
PhotonHandler:DebugReturn(DebugLevel, String) (at Assets/script/PhotonNetwork/PhotonHandler.cs:122)
NetworkingPeer:DebugReturn(DebugLevel, String) (at Assets/script/PhotonNetwork/NetworkingPeer.cs:781)
So my question is:
1.Some guys said that we need't crossdomain policy rule when connect in editor. The upper exception says no to it. It means we need the rule also.
2.So if crossdomain policy rule has be done in the editor running, I means my crossdomain policy rule work properly when I use the 843 as policy port. But why it doesn't work in web player???
Is my god joking?!!
I need your help, guy! Thank you!0 -
Which exception are you getting? You only posted the stacktrace...0
-
I am sorry for that.
I test it again and get the following result: (Note: my PUBLIC ip and all port (5055...843) the server depend is OK.)
1.Use the default setting(843 as the policy port), I connect the server. In editor and StondAlone version, it works perfectly. but not in web player version.
2.Then I add Security.PrefetchSocketPolicy(serverAddress, 843) before the connect call, In editor and StondAlone version, it works perfectly. but not in web player version.
3.I add Security.PrefetchSocketPolicy(serverAddress, 2999) before the connect call, In editor and StondAlone version, it works perfectly. but not in web player version. (as I desire, it shouldn't connect for I don't change the policy listener port to 2999. I start to guess the Security.PrefetchSocketPolicy do nothing at all)
4.Last I add Security.PrefetchSocketPolicy(serverAddress, 2999) and change the policy listener port to 2999(change the define in PhotonServer.config). This time I can't connect the server even in the editor or Standalone version.
So, why? Does the Security.PrefetchSocketPolicy(serverAddress, xxx) really work?
OK, my 843 port doesn't work without ryhme or reason, maybe I should change the policy listen port, but how can I attach it?
Add:
I find a post here: viewtopic.php?f=6&t=507&p=3550&hilit=change+843+port#p3550 about changed the listener port. It prove I did the right thing but got the error result, Why?
All of the exceptions I got is:
Connect Failed for no valid crossdomain policy was found0 -
Is your router setup to forward incoming requests for port 843 to your machine's port 843?0
-
TO Tobias: Yeah, my router setup to forward incoming requests for port 843 to your machine's port 843.
Today I debug the policy server and got the following result: (use the default 843 port as the policy port. I test in LAN of my company, use IP: 172.16.0.111.)
1. I run the client in Editor and I the policy server got the crossdomain request. It's OK!
2. I telnet 172.16.0.111 843, it connect successful, then I type "<policy-file-request/>" to send the crossdomain request. The policy server got the request and send back the crossdomain string define in socket-policy.xml. You know everything works perfectly.
3.But when I run my game in the webplayer, the policy server couldn't receive the crossdomain request. I guess it because the web player never send the request.
So, the big EVIL is "the web player NEVER SEND the request."
It there any setting in the browser blocked the message? Nobody met this evil except me?
If you've met, help me, pls!0 -
Are you using the same IP in the build of the webplayer then?
If you suspect the webplayer of not sending the policy request, then please download Wireshark and use it to log everything that goes to port 843, TCP. Then you will see if a request is made and where it goes.
Also check the webplayer log for anything suspicious.0 -
To Tobias:
“Are you using the same IP in the build of the webplayer then?”
the same IP? you mean web player link ip and the connect server ip is same? Yes, my Http server for the webplayer.html and the photon server is on the same machine, they use the same IP.
For example:
wetplayer url: http://163.125.33.76/Game/webplayer.html
Server IP: 163.125.33.76
Does these matter???0 -
It would matter if you connect to another IP than the public one of your server.
I am really a bit out of ideas here.
I will try your webplayer tomorrow and see if I got more ideas.0 -
Thank to Tobias. I am waiting for your result!!0
-
And I found I am not the single. There are many other pool man like me. Just like this link:
http://answers.unity3d.com/questions/20 ... i-don.html
So should we do?0 -
Your webplayer won't load. Please mail me a valid webplayer address: developer@exitgames.com0
-
I am sorry! I mean:
I use the dynamic IP, It changes almost everyday. So It is difficult some for I don't know when does have time to test.
If possible, would please tell me when are you free for the test. I would prepare the server for you.
BTW, I am from China.
Thank you, Tobias. for you warmhearted help!0 -
I do the test all day long. Just a very very simple test. But the result is so sad!!!
1. The server, I use the default setting.
2.The client, I have a scene just with an script object which code is :public class Test : MonoBehaviour { // Use this for initialization void Awake () { Application.runInBackground = true; //if (Application.platform == RuntimePlatform.WindowsWebPlayer) { //Test1 Debug.Log("Security.PrefetchSocketPolicy = " + Security.PrefetchSocketPolicy("112.95.179.10", 9099)); //Test2 //Debug.Log("Security.PrefetchSocketPolicy = " + Security.PrefetchSocketPolicy("192.168.1.100", 843)); //Test3 //Debug.Log("Security.PrefetchSocketPolicy = " + Security.PrefetchSocketPolicy("112.95.179.10", 9099)); } } }
When I run the simple test in the Editor,all of the tests is OK( with output:" Security.PrefetchSocketPolicy=true" ), also I debug policy server, set the break at receive request code line and find the server break at the line.
But when I publish it to the webplayer and run it. the output is "Security.PrefetchSocketPolicy=false" and the server never got any break;
Why? I test it on different machine, different network,(My home and my company). I got the same result. What wrong with me? I almost crazy!!!
Help me pls! I have no any idea now.0 -
Are you hosting at home?
It might not work, unless your modem/router supports port forwarding. For testing, this might be ok but a changing IP is not ok for a real product.0 -
Yes, I am hosting at home. Just for testing. My router support port forwarding. It is OK but in web player.
I use the U3D3.5f5. I start to suspect that is there a bug with Security.PrefetchSocketPolicy(IP, Port)? Or what on earth with my Security.PrefetchSocketPolicy????0 -
potentially your browser does not like the loopback and fails.
keep in mind that any web requests on the webplayer are handled by the browser, not unity itself, and hence browser settings or plain stupid browsers can backfire
one such case would be if you are behind a proxy cause unity editor and other platforms do not respect nor support proxies, but the browser and hence webplayer will and behind a proxy the ip etc could all change0 -
I don't think you need to prefetch the socket policy. Why don't you just use the default ports and let Unity fetch the policy??0
-
Yes, I test the default port 843. with on prefetch, just let Unity do it. But it doesn't work.Tobias wrote:I don't think you need to prefetch the socket policy. Why don't you just use the default ports and let Unity fetch the policy??
Yes, maybe It is the evil source. But how can I work around it? Just get an public IP server? No other way?dreamora wrote:one such case would be if you are behind a proxy cause unity editor and other platforms do not respect nor support proxies, but the browser and hence webplayer will and behind a proxy the ip etc could all change0 -
dreamora wrote:
one such case would be if you are behind a proxy cause unity editor and other platforms do not respect nor support proxies, but the browser and hence webplayer will and behind a proxy the ip etc could all change
I test Security.PrefetchSocketPolicy("127.0.0.1", 80), it also failed in browser. I mean the proxy server shouldn't block the request on port 80.
Maybe the proxy server block all port request on my IP. That is to say, any request to my computer is invalid! Is it?0 -
But my friends can't visit my webplayer link:
http://112.95.176.105:2000/WebPlayer/WebPlayer.html.
or
http://112.95.176.105/WebPlayer/WebPlayer.html.
or ...
It means my port 2000 and 80 is OK. It is not blocked by the proxy server. Then what is the problem, I have no idea again!!!0 -
if he can not even reach your webplayer then you have not properly portforwarded them to the right machines. otherwise he would at least get there
that or your provider simply does not allow it0 -
God save me! Yeah!!!
I am so excited, almost bacchanal some!! Just for getting rid of the Web player policy EVIL. Good bye, Mr Evil!!! Aha!
So I am here, to tell the solution for the pool guy meets the same evil like me. I trace it for two weeks long. I means it is a period of hard time. It shouldn't be headache to you guys any more.
Very simple reason. In my scene there is dlls (I18N.dll, I18N.CLK.dll), these two dll is used to support the Simple Chinese Input in Unity version 2.6(in version3.0 up, we needn't them. ). the version of them is older some. They cause some crash we can't print, but they make my browser cant parse the policy request. So the on the server side, policy server never gets any request.
That's it!
Evil's gone!!! The god sun's up!!!
Thanks for the guys reply the post!!!0 -
Wow. Great you found it!
That's really tricky - I would never have found it.
But it shows: If your server does not behave as expected, try one of our demos and if that works, it's something in your project.0 -
OK!0
