Before you start
Before you start using Viblast Player, make sure that your streams are CORS enabled.
Since Viblast Player is an HTML5 JavaScript-based player, the video streams it handles should be accessible by JavaScript. This is controlled by the cross-origin resource sharing (CORS) mechanism (see Cross-Origin Resource Sharing: W3C Recommendation).
Are my streams CORS enabled?
The easiest way to check if your stream is CORS enabled is to use the cURL tool in the command-line interface.
For example, if your HLS playlist is
http://cdn3.viblast.com/streams/hls/airshow/playlist.m3u8
you can invoke cURL with the -I parameter to check the headers of the HTTP
response:
curl -I http://cdn3.viblast.com/streams/hls/airshow/playlist.m3u8
The response should contain Access-Control-Allow-Origin HTTP header,
as in the following response:
HTTP/1.1 200 OK
Date: ...
...
Access-Control-Allow-Origin: *
...
If there is no such header, you need to configure your streaming server to enable CORS requests.
Clarification about cross-domain policy file and CORS
Please note that the cross-domain policy file (crossdomain.xml) does not control the browser's CORS mechanism.
It only controls cross-domain requests permissions for the Adobe Flash plugin.
The cross-domain policy file crossdomain.xml is an XML document that grants the Adobe Flash plugin permission to handle data across multiple domains (see Adobe documentation).
As Viblast Player is an HTML5 JavaScript player, you need to configure cross-origin resource sharing (CORS) for your streams, not the cross-domain policy.
How to configure CORS for my streaming server?
How to enable CORS for you video streams depends on what streaming infrastructure you are using. Below you can find instructions for the most commonly-used servers.