HTTPS error "data length too long" in s3_pkt.c from

We’re trying to get flashsockets to work in Internet Explorer 9 over HTTPS/WSS. The flashsockets work over HTTP, but HTTPS is giving us problems. We’re using version 0.8.7 and version 0.9.1-1.

We’re running our websocket server via SSL on port 443. We’ve specified the location of our WebsocketMainInsecure.swf file (these are cross-domain ws requests) in the correct location, and we’re loading the file in the swfobject embed over HTTPS.

We opened up port 843 in our security group for our EC2 instance and the cross origin policy file is successfully being rendered over HTTP. It does not seem to render over HTTPS (Chrome throws an SSL connection error).

We’ve tried two versions of the WebsocketMainInsecure.swf file. The first is the file provided by, which is built off of that does not include the line


This throws the error SCRIPT16389: Unspecified error. at the WebSocket.__flash.setCallerUrl(location.href) line.

We figured it was because the SWF file was not permitting HTTPS requests, so we replaced the WebSocketMainInsecure.swf file with the one found at this repo: because it includes the


line in the actionscript code. When we used this, we saw that the flashsocket connection kept disconnecting and reconnecting in an infinite loop. We tracked the error down to the transport.js file in the library in the onSocketError function on the Transport prototype. It throws the error:

[Error: 139662382290912:error:1408F092:SSL routines:SSL3_GET_RECORD:data length too long:s3_pkt.c:503:]

We even tried updating both and to version 0.9.6 and we still got the Access is denied error.

This error has been very difficult to debug, and now we’re at a loss as to how to get flashsockets to work. We’re wondering if it might have to do with using an older version of, or maybe that our policy file server doesn’t accept HTTPS requests, or maybe even the way in which the WebSocketMainInsecure.swf file from the web-socket-js github repo was built relative to what expects.


I'm unsure weather it works. But here's my idea/suggestion:

  1. Idea: I assume that you (possibly) tried to access a URL which is too long. This happens if data often is tansmitted via GET-Parameters. The official limit for a URL is below 512 Bytes.

Details: The HTTP specification says that a protocol line may be at most 512 Bytes. If longer the server may reject the request or may be unable to handle the request. The first line in HTTP with a GET-requet is like "GET /path/to?param1=data1&param2=data2&... HTTP/1.1" which would need to fit in 512 bytes. For POST requests theres no such limitation..

However your error seems to origin from some SSL implementation (openSSL?): refering to s3_pkt.c at line 503 (I found a file like this here: but seems to be different; I don't know the details, and am just speculating: I could think of that the openSSL implementation has some limited support for long GET-Requests (as they are not HTTP conform) and just rejects them this way...

I see these possibities now: 1. Solution: Use POST instead of GET-Requests to transmit longer datasets. See if this works... 2. Try to replace you openssl-installation or libopenssl at the server used; it's possibly broken or outdated? 3. Try to request some help from the openssl developers...

Hope that helps...

Try building OpenSSL with SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER (credit to Steven Henson and Jaaron Anderson from OpenSSL mailing list).

Need Your Help

Bundling resources via bundle.config vs BundleConfig.cs in ASP.NET 4.5 WebForms webforms

Regarding ASP.NET 4.5's new System.Web.Optimization / Microsoft.AspNet.Web.Optimization:

Prevent PhpStorm from automatically saving files on close


When I close a file in PhpStorm, it saves the file automatically.