1. crossdomain.xml Issue
-> your target server should offer this file via https(443 port) But not CA certificate needed. self-signed certificate is available. <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" to-ports="*" secure="false"/>
-> I noticed that webPlayer send request for "crossdomain.xml" file via http not https. if your server domain "sub.yourdomain.com:9989", the webPlayer will send request to find "crossdomain.xml" via "sub.yourdomain.com:9989/crossdomain.xml"
(So, I think "Https setting is not neccessary for crossdomain.xml)
2. explorer blocks post request.
-> check your headers, If there is an empty value on the key, The request could be blocked when using microsoft explorer.
3. (python tornado) request.arguments could be empty
-> just use request.body instead of arguments