By default, the Adobe Flash Player security model prohibits Adobe Flash Players from making network connections to servers outside the domain that serves the SWF file.

To override the default, you must upload a public-readable crossdomain.xml file to the bucket that will accept POST uploads. Following is a sample crossdomain.xml file.

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM

"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

  <allow-access-from domain="*" secure="false" />

</cross-domain-policy>

	Note
	For more information about the Adobe Flash security model, go to the Adobe web site. Adding the crossdomain.xml file to your bucket allows any Adobe Flash Player to connect to the crossdomain.xml file within your bucket. However, it does not grant access to the actual Amazon S3 bucket.

The FileReference API in Adobe Flash adds the Filename form field to the POST request. When building Adobe Flash applications that upload to Amazon S3 using the FileReference API, include the following condition in your policy:

['starts-with', '$Filename', '']

Some versions of the Adobe Flash Player do not properly handle HTTP responses that have an empty body. To configure POST to return a response that does not have an empty body, set success_action_status to 201. When set, Amazon S3 returns an XML document with a 201 status code. For more information, go to RESTObjectPUT.