Squeezebox Cross-Domain Policy Plugin
What is this?
I've got a Squeezebox and a Chumby sitting on my desk, but unfortunately they can't talk to each other because out of the box, Squeezebox Server doesn't provide a cross-domain policy to allow the Flash-based Chumby to connect. This plugin adds that cross-domain policy file to the web interface, allowing developers to use Flash or Silverlight (or anything else that supports crossdomain.xml) to create apps that can communicate with Squeezebox Server.
What can it do?
Currently, it only supports the allow-access-from domain directive. You can configure which domains are allowed using the plugin settings dialog.
It does not provide the socket policy needed to access the Squeezebox Server CLI functionality.
How do I get it?
Squeezebox Server supports third-party repositories, so I have made this plugin available via that system. I have only tested this with Squeezebox Server 7.6 (beta) running on Linux; it should work with Squeezebox Server 7.3 and up running on all supported operating systems though.
- Navigate to your Squeezebox Server web interface in a browser of your choice.
- Click the Settings link in the bottom-right corner.
- Click the Plugins tab.
- Scroll down to the bottom of the page, until you see the section Additional Repositories.
Paste the following URL into the box, and click Apply. Don't click on the link; you'll only see XML code.
- Acknowledge the warning popup.
- Back at the top of the page, there should be a new plugin to enable, titled Cross-Domain Policy. If it isn't there, there should be a section on the page titled edgylogic; find it under that. Tick the box to enable it, and click Apply.
The plugin is now installed, but needs to be configured. To keep nefarious people from screwing with your Squeezebox Server setup, you should only allow communication from known sources - find out the originating domain of the app you want to use. If the app runs locally on your computer, then you will need to know the IP address of the local machine. You can add multiple sources. You can also use a wildcard for subdomains, e.g. *.example.com will allow widget.example.com, app.example.com etc. If you really want to allow access from any source, add '*' (without quotes).
Once you have the list of allowed sources, do the following:
- On the Plugins tab, look for Cross-Domain Policy in the Active Plugins section. Click the corresponding Settings link.
In the text box, enter each source on a new line, e.g.
- Click the Apply button.
To check that the configuration has occurred properly, navigate to http://<SBS address>:<port>/crossdomain.xml in either Firefox or Opera (Chrome, Safari or IE don't know how to show XML files).
Want to make it better?
The code is available on GitHub. You should be forewarned though - I only learnt Perl by hacking this plugin together, so to those who are Perl fans, apologies but Perl confuses and frustrates the hell out of me; making it work was hard enough :)